[Openswan Users]
Nat-T from Openswan roadwarrior to Checkpoint gateway
Sreeram Rengaraj
sr2k_us at yahoo.com
Wed Dec 28 15:48:20 CET 2005
The topology is simple.
I have a Linux client with Openswan installed on it.
eth0 1.2.3.5
I have a Checkpoint gateway at the other end - IP
1.2.3.4
The 2 interfaces are directly connected. I got a
tunnel established and pings working between the two.
However, trouble started when I enabled NAT-traversal.
I don't get replies to my ping (the tunnel seems to
have been set up) and I don't see UDP encapsulation
happening.
Here is my ipsec.conf file.
config setup
    interfaces="ipsec0=eth0"
    nat_traversal=yes

conn roadwarrior
    rightcert=/etc/certs/xx.der
    rightid=XXX
    right=1.2.3.5
    rightnexthop=1.2.3.4
    rightsubnet=192.168.1.1/32
    leftrsasigkey=XXX
    left=1.2.3.4
    leftnexthop=1.2.3.5
    type=tunnel
    keyingtries=0
    authby=rsasig
    keyexchange=ike
    auto=start
    auth=esp
    pfs=no

When I try to ping 1.2.3.4 from 1.2.3.5, I am not
getting any replies.
Can somebody tell me what I am missing?
Thanks!