[Openswan Users] L2TP/IPsec with double NAT

Stefano Pazzaglia stefano.pazzaglia at fastwebnet.it
Fri Aug 12 22:24:23 CEST 2005


It's not simple to explain..My italian ISP (Fastweb) has something like a 
huge private network which is separated from others italian isp addresses. 
All of Fastweb addresses are natted, in fact if you want to provide a 
webserver or something who use a pubblic address you have to buy a public 
address from them. So I can't be seen directly from the internet. Like I was 
saying ipconfig returns me address 37.xxx.xxx.xxx but if I surf to a web 
site who gives me my real address it gives me  213.xxx.xxx.xxx.
Now I'm gonna try to do as you suggest...


----- Original Message ----- 
From: "Jacco de Leeuw" <jacco2 at dds.nl>
To: <users at openswan.org>
Sent: Friday, August 12, 2005 9:09 PM
Subject: Re: [Openswan Users] L2TP/IPsec with double NAT


> Stefano Pazzaglia wrote:
>
>> Ok for protoport 17/1701 but what about Paul Wouters' suggestion? What I 
>> have to put in virtual_private?
>
> I did not remember Paul's e-mail. You wrote that your client is behind
> a NAT router on a 37.xxx.xxx.0/21 subnet.
>
> In that case it should be something like:
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:37.xxx.xxx.0/21,%v4:!192.168.0.0/24
>
> But I wonder why you are using a 37.x.x.x subnet for a NATed subnet.
> It appears to be IANA reserved address space.
>
> Jacco
> -- 
> Jacco de Leeuw                         mailto:jacco2 at dds.nl
> Zaandam, The Netherlands           http://www.jacco2.dds.nl
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.338 / Virus Database: 267.10.7/70 - Release Date: 11/08/2005
>
> 



More information about the Users mailing list