[Openswan Users] L2TP/IPsec with double NAT
Stefano Pazzaglia
stefano.pazzaglia at fastwebnet.it
Fri Aug 12 22:24:23 CEST 2005
It's not simple to explain..My italian ISP (Fastweb) has something like a
huge private network which is separated from others italian isp addresses.
All of Fastweb addresses are natted, in fact if you want to provide a
webserver or something who use a pubblic address you have to buy a public
address from them. So I can't be seen directly from the internet. Like I was
saying ipconfig returns me address 37.xxx.xxx.xxx but if I surf to a web
site who gives me my real address it gives me 213.xxx.xxx.xxx.
Now I'm gonna try to do as you suggest...
----- Original Message -----
From: "Jacco de Leeuw" <jacco2 at dds.nl>
To: <users at openswan.org>
Sent: Friday, August 12, 2005 9:09 PM
Subject: Re: [Openswan Users] L2TP/IPsec with double NAT
> Stefano Pazzaglia wrote:
>
>> Ok for protoport 17/1701 but what about Paul Wouters' suggestion? What I
>> have to put in virtual_private?
>
> I did not remember Paul's e-mail. You wrote that your client is behind
> a NAT router on a 37.xxx.xxx.0/21 subnet.
>
> In that case it should be something like:
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:37.xxx.xxx.0/21,%v4:!192.168.0.0/24
>
> But I wonder why you are using a 37.x.x.x subnet for a NATed subnet.
> It appears to be IANA reserved address space.
>
> Jacco
> --
> Jacco de Leeuw mailto:jacco2 at dds.nl
> Zaandam, The Netherlands http://www.jacco2.dds.nl
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.338 / Virus Database: 267.10.7/70 - Release Date: 11/08/2005
>
>
More information about the Users
mailing list