[Openswan Users] Openswan Nat-t and debian

[Marco Perrando]

At last I did it.

After two weeks of various errors, I could get a connection from a 
client behind Nat and openswan linux server running on debian.

1. Downloaded vanilla kernel 2.4.27 from kernel.org.
2. Downloaded openswan 2.1.5.
3. Applied natt patch from openswan2.1.5 to kernel 2.4.27, and 
configured kernel (ACTIVATING NAT_TRAVERSAL OPTION!!!)
4. make-kpkg --append-to-version -vanilla-p kernel_image to obtain a 
debian kernel packege (no initrd).
5. Installed kernel packege.
6. Changed lilo conf to load without initrd.
7. run lilo.
8. make openswan programs and modules and installed them (no debian 
package for openswan programs....)
9. copy the ipsec.o from the directory openswan put it into 
(/lib/modules/2.4.27/...) into debian modules directory 
(/lib/modules/2.4.27-vanilla-p/kernel/....)
10. rebbot

check that PLUTO and KLIPS 2.1.5 are running.

Et voila! The connection from a nat-ted windows client worked!

I would like to thank all you guys that helped me.

Sincerly,

Marco.

P.S.

I see that openswan does not support two clients connecting from behind 
the same IP natted address.
Pluto complains about another identity already connected from the same 
IP address.
That would be a smart feature, doesn't it?