[Openswan Users] no l2tp traffic with NATed client
Neil Ballantyne
Neil at liquide.uk.com
Fri Jun 3 10:12:58 CEST 2005
Am using 26sec in 2.6 kernel so no ipsec0 interface...
> -----Original Message-----
> From: Steffen Becker [mailto:becker at informatik.uni-oldenburg.de]
> Sent: 01 June 2005 15:48
> To: 'Norman Rasmussen'; Neil Ballantyne
> Cc: 'Openswan Users Mlist'
> Subject: RE: [Openswan Users] no l2tp traffic with NATed client
>
> Hi,
>
> > > For ref, the rule I'm using to forward traffic in to the
> > l2tp server is:
> > >
> > > iptables -t nat -A PREROUTING -i eth0 -p udp --sport 1701
> > --dport 1701
> > > -j DNAT --to-destination xxx.xxx.xxx.xxx
>
> There is an error, you have to use the ipsec interface change
> "-i eth0" to "-i ipsec0"
> From the cited HowTo:
>
> # make VPN server reachable
> /sbin/iptables -t nat -A PREROUTING -i ipsec0 \
> -p udp --sport 1701 --dport 1701 \
> -j DNAT --to-destination <address-of-VPN-server>
>
> Cheers,
> Steffen
>
> --------------------------------------------------------------
> ----------
> Dipl. Wirtsch. Inform. Steffen Becker, DFG Junior Research
> Group "Palladio", Fk 2, Department of Computing Science,
> Software Engineering Group CvO Universität Oldenburg / OFFIS,
> Escherweg 2, D-26121 Oldenburg
> Email: becker at informatik.uni-oldenburg.de
> URL: http://se.informatik.uni-oldenburg.de
> Voice: +49 441 9722-582 (-501, secr.) Fax: +49 441 9722-502
> --------------------------------------------------------------
> ----------
>
>
More information about the Users
mailing list