[Openswan Users] Openswan and Safenet behind NAT

famleone at tin.it famleone at tin.it
Sun Jul 24 16:14:01 CEST 2005


Hi , I try to connect a laptop with Safenet client with PSK  with connection
by router with nat or modem to
a VPN server Debian Sarge (kernel 2.6.8+26sec) with Openswan 2.2.0 with a
public ip :


Lan                                       Sarge                         
            Dinamic ip                     Host
192.168.122.0/24 ======22.33.44.11---------Internet--------Router with NAT====192.168.200.20
                                            OpenSwan                    
                                                 Safenet client vpn
                                                      #                 
                                                         #
                                                      #######################################
                                                                        TUNNEL
IPSEC



/etc/ipsec.conf

config setup
       nat_traversal=yes
     conn fw1
       left=22.33.44.11
       leftsubnet=192.168.122.0/24
       type=tunnel
       authby=secret
       pfs=no
       right=%any
       auto=add

------------------------------------------------------------------
/etc/ipsec.secrets

22.33.44.11 %any : PSK "aaabbbbbcccc"


If I test the connection with modem the tunnel is established and the vpn
works good
but when I use a connection behind NAT it doesnt work.
What can I do?
How can I understand if nat traversal works correctly?


Thanks
cfh





More information about the Users mailing list