I am in a NAT'ed environment that connects an XP ipsec client through an
openswan server to another NAT'ed environment.

From the XP ipsec client (road warrior) I can ping the application
server behind the openswan gateway, but when I attempt to ping from the
application server behind the openswan gateway back to the XP client
this fails.

The ping from the XP client NATs through UDP ports (D=4500, S=4500) and
the echo responses come back on (D=4500, S=4500). However, a ping
initiated from the application client comes on UDP ports (D=4500,
S=arbitrary). Since there may be multiple entities behind the NAT on the
client side I need to have the application server initiated activity map
to the same IP address, and UDP port created by the initial XP client
activity. Is this possible or am I out in the weeds? New at this --

Barry Reinhold
Lamprey Networks
bbr at lampreynetworks.com
(603) 868-8411

