[Openswan Users] L2TP/IPsec with double NAT

Stefano stefano.pazzaglia at fastwebnet.it
Tue Aug 9 15:25:38 CEST 2005


No, connection begins but after a while it drops.
@Jacco, if it's possible I would like to send you my ipsec barf. And,
another thing I missed to mention,  Openswan server stands in a DMZ with
interface eth1 (xxx.xxx.xxx.91) on DMZ xxx.xxx.xxx.88/29 and interface eth0
on my LAN with IP address 192.168.0.102. External firewall has IPs
xxx.xxx.xxx.85 (out of DMZ) and  xxx.xxx.xxx.89 (within DMZ) and makes DNAT
to Openswan. In barf logs connection is attempted from a PC belonging to
LAN. Let me know if I can send you barf for a better comprehension of my
situation...


----- Original Message ----- 
From: "Jacco de Leeuw" <jacco2 at dds.nl>
To: <users at openswan.org>
Sent: Tuesday, August 09, 2005 11:29 AM
Subject: Re: [Openswan Users] L2TP/IPsec with double NAT


>
> Stefano Pazzaglia wrote:
>
>> Any idea? :-(
>> I'm wondering if I have to surrender, even if  I think i'm not too far
>> from the solution ...
>
> You did not respond to my suggestion to use certificates instead of
> a PSK. And did you remember to correct the virtual_private line?
> I would also suggest you try first without any NAT between the client
> and the server. When that works, you put the client behind NAT. Then
> the next step would be to put the server behind NAT as well.
>
> Jacco
> -- 
> Jacco de Leeuw                         mailto:jacco2 at dds.nl
> Zaandam, The Netherlands           http://www.jacco2.dds.nl
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users



More information about the Users mailing list