[Openswan Users]

Paul Wouters paul at xelerance.com
Thu Dec 29 03:51:24 CET 2005

On Wed, 28 Dec 2005, Sreeram Rengaraj wrote:

> The topology is simple.
> I have a linux client with Openswan installed on it.
> eth0
> I have a checkpoint gateway at the other end - IP
> The 2 interfaces are directly connected. I got a
> tunnel established and pings working between the two.
> However trouble started when I enabled NAT -traversal.
> I dont get replies to my ping ( the tunnel seems to
> have been setup) and I dont see UDP encapsulation
> happening?

> config setup
> interfaces= "ipsec0=eth0"
> nat_traversal=yes
> config roadwarrior
> rightcert=/etc/certs/xx.der
> rightid= XXX
> right=
> rightnexthop=
> rightsubnet=

I do not think this is what you want. It just happens to match the
no proposal chosen error. You want rightsubnet=vhost:%priv,%no


More information about the Users mailing list