[Openswan Users] Can't connect Win98 MSL2TP
clienttoOpenSwanServer
Jacco de Leeuw
jacco2 at dds.nl
Tue Jul 5 21:09:19 CEST 2005
Mark Cave-Ayland wrote:
> I've tried to draw a rough ASCII diagram of the
> roadwarrior setup I'm trying to implement below (apologies if it doesn't
> come out as expected):
>
>
> REMOTE
> LOCAL
>
>
> |----------------------------------|
> NAT router | | NAT
> router (IPSec GW)
> 192.168.2.1 80.1.2.3.4 213.x.x.x
> 192.168.2.1
> (internal, can vary) (external, can vary) (external)
> (internal)
> |
> |
> Roadwarrior
> |
> 192.168.2.2
> (servers required by
>
> roadwarrier)
I'm afraid your ASCII art was mangled a bit due to line wrapping.
> So when the roadwarrior connects to the local IPSec GW, then even after
> NAT-T then openswan will see the connection as being between 192.168.2.2 and
> 213.x.x.x, and not from between 80.1.2.3.4 and 213.x.x.x? In that case,
> would that mean my roadwarrior in the diagram above would be unable to
> connect? :(
I'm not sure what you mean but it seems that 192.168.2.1 is used on both
sides in your diagram. That will never work. You will have to forbid your
road warriors to use 192.168.2.0/24 on their NAT routers or change your
internal subnet to something that is not used on any NAT router.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list