[Openswan Users] packet rejected: should have been encrypted
Bram Bouwens
bbouwens at xs4all.nl
Mon Jul 4 18:00:13 CEST 2005
Jacco de Leeuw wrote:
> Bram Bouwens schreef:
>
>> I'm now trying to work out a setup for our Windows addicts.
>> In the test setup I have a Windows XP machine behind a NAT
>> gateway. I'm following
>> http://www.natecarlson.com/linux/ipsec-x509.php .
>
>
> I don't know if this causes your problem but your subnet is not excluded:
>
>>
>> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
>
>
>
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,
> %v4:!192.168.0.0/24
>
> Jacco
After looking up some documentation (it's not in the ipsec.conf
man page but in /usr/share/doc/packages/openswan/README.NAT-Traversal)
I agree with this exclusion. But I do not yet see this being related
to the issue at hand (I might have struck on it later :)
Bram
More information about the Users
mailing list