[Openswan Users] Missing a concept
Barry Reinhold
bbr at lampreynetworks.com
Tue Feb 8 13:16:58 CET 2005
I am attempting to install VPN service between "roadwarrior" Windows XP
boxes and a SOHO network. In general I have followed the procedure
outlined by Nate Carlson, and have managed to get a VPN established
between a Windows XP workstation and the SOHO network ... sort of.
From the XP box (in private space 192.168.130.0/24) I can ping, and
telnet to the office network (in private space 192.168.127.0/24). But I
cannot start X applications and get the display back on my XP box, nor
can I ping from the office network to the XP box -- even while the XP
box is pinging the other way.
The layout is:
XP box/IPsec client <-- 192.168.130.0/24 --> NAT only box <-- internet --> NAT box/IPsec server <-- 192.168.127.0/24 --> Linux server
When I use ethereal to capture traffic on the internet side of the "NAT
only box" I see pings flowing through (UDP_source == 4500, and UDP_dest
== 4500). However, when I ping from the Linux server box to the XP box I
see the packets flowing into the NAT only box on (UDP_Source == whatever
port, UDP_dest == 4500).
After a read through of the draft for NAT-T I think I should be
expecting the Linux server's ping requests to be mapped to (4500, 4500).
I would like to have this confirmed.
The second question is, if this is wrong, is it most likely in my
ipsec.conf or is there some firewall/NAT code that should be checked?
Thanks in advance for any insight/suggestions.
Barry Reinhold
Lamprey Networks
bbr at lampreynetworks.com
(603) 868-8411
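
An added example, not part of the original post: when reading a capture like the one described, each UDP port 4500 datagram can be sorted into UDP-encapsulated ESP, IKE (non-ESP marker) or NAT-keepalive using the payload rules of RFC 3948, then grouped by port pair. The sample datagrams, port 1027 and the SPI values are constructed for illustration.

```python
import struct
from collections import Counter

NATT_PORT = 4500  # UDP port used for NAT-T encapsulation

def classify_natt(payload: bytes) -> str:
    """Classify the UDP payload of a port-4500 datagram (RFC 3948 rules)."""
    if payload == b"\xff":
        return "nat-keepalive"      # single 0xFF octet
    if len(payload) < 4:
        return "malformed"
    if payload[:4] == b"\x00\x00\x00\x00":
        return "ike"                # non-ESP marker precedes the IKE header
    if len(payload) < 8:
        return "malformed"          # too short for SPI + sequence number
    return "esp"                    # first 4 octets are a non-zero SPI

def esp_fields(payload: bytes):
    """Return (spi, sequence_number) of a UDP-encapsulated ESP packet."""
    return struct.unpack("!II", payload[:8])

def summarize(datagrams):
    """Count datagrams by (kind, src_port, dst_port)."""
    counts = Counter()
    for sport, dport, payload in datagrams:
        if NATT_PORT in (sport, dport):
            kind = classify_natt(payload)
        else:
            kind = "not-natt"
        counts[(kind, sport, dport)] += 1
    return counts

# Constructed sample: (src_port, dst_port, UDP payload). Port 1027 stands in
# for the "whatever port" case; SPIs and padding are made up.
SAMPLE = [
    (4500, 4500, struct.pack("!II", 0x1234ABCD, 1) + bytes(24)),
    (4500, 4500, struct.pack("!II", 0x1234ABCD, 2) + bytes(24)),
    (1027, 4500, struct.pack("!II", 0x9F00AA01, 1) + bytes(24)),
    (4500, 4500, bytes(4) + bytes(28)),   # non-ESP marker + IKE-sized body
    (4500, 4500, b"\xff"),                # NAT-keepalive
]

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE).items()):
        print(key, n)
```

Grouping by port pair separates the (4500, 4500) flows from flows whose source port differs, and the SPI from esp_fields shows which direction's SA an ESP datagram belongs to.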