[Openswan Users] Windows XP and OpenSwan
Aaron Smith
asmith at nexcerpt.com
Thu Apr 28 15:49:22 CEST 2005
> > I can successfully create an
> > IPSec tunnel between the openswan gateway and the remote linux box
> > (though there is a minor issue with that which I think I'll send
> > seperately to the list) but when I establish an IPSec connection to the
> > same Gateway directly from a Windows XP machine behind the linux box,
> > the tunnel comes up, but pings to the local subnet time out and although
> > I see ESP packets arrive at the Gateway, there is no traffic on ipsec0.
>
> You should see UDP port 500 packets (nat-t encapsulated ESP packets).
>
Is the Nat-t encapsulation set up during the creation of the ipsec
tunnel? i.e., if one side doesn't support Nat-t, the other side won't
use it? After the ipsec connection is made, the pings from the XP box
don't arrive as nat-t encapsulated ESP packets, just raw ESP packets.
If I get nat-t configured on the gateway side, will the client then
start using nat-t? I just want to make sure everything else seems to be
normal before I start digging in too deeply to getting nat-t going on
the gateway side.
--
-----------------------------------------------------------------
Aaron Smith vox: 269.226.9550 ext.26
http://www.nexcerpt.com fax: 269.349.9076
...Nexcerpt... Extend Your Expertise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20050428/1a4e7367/attachment.bin
More information about the Users
mailing list