[Openswan Users] NAT-T really needed?
Paul Wouters
paul at xelerance.com
Wed Apr 13 12:04:24 CEST 2005
On Tue, 12 Apr 2005, Alessandro Macuz wrote:
> I have been trying to start a VPN between a PIX 525 and a Linux box.
> PIX is behind a router doing NAT.
> I enabled NAT-T on both sides but Linux box tells me
>
> Apr 12 23:05:10 testvpn kernel: klips_debug:ipsec_rcv: suspected ESPinUDP
> packet (NAT-Traversal) [1].
Does it say anything else?
> Why does it tell "suspected ESPinUDP packet (NAT-Traversal)". Do I really
> need NAT-T?
Yes, you do.
> Obviously the tunnel doesn't work.
What is the exact error? (without klipsdebug!!!)
What is your configuration?
What is your nat-t router? Perhaps it is breaking things. Did you disable
IPsec passthrough?
Paul
More information about the Users
mailing list