[Openswan Users] Openswan, Windows XP behind Linksys WRT54G router (SOLVED)

Jacco de Leeuw jacco2 at dds.nl
Fri Aug 5 12:10:43 CEST 2005


Andrej Trobentar wrote:

> I don't know why the VPN connection was working if there was no Linksys
> WRT54G router in front of it - the notebook was connected directly to
> Internet.

NAT-T uses UDP port 4500. So if this port is firewalled, the NAT-T
negotiation will not complete. If there is no NAT (your notebook
directly connected) then it does not matter if UDP 4500 is blocked.

> If I disable "IPSEC passthrought" and "L2TP passthrough" on the Linksys
> router the VPN connection does NOT work. No I have enabled these two
> options and everything works fine...

I have no explanation for this. The NAT-T should be able to get through
NAT routers on its own. Those NAT routers should not try to be 'helpful'
by using outdated IPsec passthrough mechanisms. Perhaps the Linksys is
different. You could try to disable one of the two settings and see
which one does the trick.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list