[Openswan Users] NAT-T and NET to NET

J Zakhar jzakhar at gmail.com
Sat Feb 26 18:59:51 CET 2005

I have a gateway with a public IP. The peer trying to establish a
tunnel with me is behind a NAT router.

I have tried on the gateway with the public ip the following for right



the only way it ever establishes a tunnel is with right=%any

which ends up looking like this in the status display

erouted; eroute owner: #2

maybe I am missing something here, I am just not sure what to do for
right on the gateway as nothing has worked yet

using right=anything but %any gets me

Feb 26 18:40:18 pcp03822184pcs pluto[6053]: packet from 24.90.16.xxx:4500: initial Main Mode message received on 68.46.210.xxx:4500 but no connection has been authorized

Could this be a problem with the remote router trying to do IPsec passthrough?
