[Openswan Users] Nat-T and draytek

Luis Rodrigues luis.rodrigues at netgraf.com
Thu Sep 23 16:57:52 CEST 2004




I'm using OpenSwan 2.1.5, and I've got a problem.

This version doesn't create the ipsec0 device, and that is a big problem for


I used to use freeswan 1.99, and i've got some draytek 2600V routers
connecting to it.

It all worked fine, except for a small thing that i disussed here in this


The problem is: 

In the linux side, I've got an Draytek 2500 ADSL router to connect to the
Internet, and the NAT question was simply resolved with an iptables rule
that MASQued all interfaces except ipsec0.

But now i haven't got this interface, and i need a workaround for this. 

I've been reading some tihings about the NAT-T patch, which comes with
OpenSwan, but encapsulating the ESP packets in UDP packets will be a problem
with the Draytek 2600 in the other side. How can i get this to work? 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040923/f1caa92c/attachment.htm

More information about the Users mailing list