[Openswan Users] Windows XP and OpenSwan

Aaron Smith asmith at nexcerpt.com
Thu Apr 28 15:49:22 CEST 2005

> >  I can successfully create an
> > IPSec tunnel between the openswan gateway and the remote linux box
> > (though there is a minor issue with that which I think I'll send
> > seperately to the list) but when I establish an IPSec connection to the
> > same Gateway directly from a Windows XP machine behind the linux box,
> > the tunnel comes up, but pings to the local subnet time out and although
> > I see ESP packets arrive at the Gateway, there is no traffic on ipsec0.
> You should see UDP port 500 packets (nat-t encapsulated ESP packets).
	Is the Nat-t encapsulation set up during the creation of the ipsec
tunnel?  i.e., if one side doesn't support Nat-t, the other side won't
use it?  After the ipsec connection is made, the pings from the XP box
don't arrive as nat-t encapsulated ESP packets, just raw ESP packets. 
If I get nat-t configured on the gateway side, will the client then
start using nat-t?  I just want to make sure everything else seems to be
normal before I start digging in too deeply to getting nat-t going on
the gateway side.

Aaron Smith             		vox: 269.226.9550 ext.26
http://www.nexcerpt.com       		fax: 269.349.9076	
	...Nexcerpt... Extend Your Expertise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20050428/1a4e7367/attachment.bin

More information about the Users mailing list