[Openswan Users] NAT between to ipsec-connections with kernel 2.6.7 / openswan 2.3.0

Tomasz Grzelak tgrzelak at wktpolska.com.pl
Wed Feb 16 08:07:11 CET 2005


Dnia wtorek, 15 lutego 2005 18:21, Markus Meissner napisał:
> Now I have to use kernel  2.6.7-k8 with openswan 2.3.0 on the official
> server B and the masq doesn't work any longer. Both ipsec-connections from
> A to B and from B to C are working, but when I try to masq the packages
> coming from A it doesn't work. I *think* that the kernel-ipsec does not
> care about masqued packets.

Hint: try to use kernel >2.6.7
I set up a vpn connection once with an xp client behind NAT, and the openswan 
2.2.0 server. A connection couldn't have been established.
Then I compiled the 2.6.9 kernel - everything worked fine (with THE SAME 
config files as while tries with 2.6.7).
Maybe it was a lack of some option in the 2.6.7 kernel (but without NAT 
connections worked), but I had no problems with 2.6.9, so try to use this 
one.

Tom


More information about the Users mailing list