[Openswan Users] no l2tp traffic with NATed client

Neil Ballantyne Neil at liquide.uk.com
Fri Jun 3 10:12:58 CEST 2005


Am using 26sec in 2.6 kernel so no ipsec0 interface... 

> -----Original Message-----
> From: Steffen Becker [mailto:becker at informatik.uni-oldenburg.de] 
> Sent: 01 June 2005 15:48
> To: 'Norman Rasmussen'; Neil Ballantyne
> Cc: 'Openswan Users Mlist'
> Subject: RE: [Openswan Users] no l2tp traffic with NATed client
> 
> Hi,
>  
> > > For ref, the rule I'm using to forward traffic in to the
> > l2tp server is:
> > > 
> > > iptables -t nat -A PREROUTING -i eth0 -p udp --sport 1701
> > --dport 1701
> > > -j DNAT --to-destination xxx.xxx.xxx.xxx
> 
> There is an error, you have to use the ipsec interface change 
> "-i eth0" to "-i ipsec0"
> From the cited HowTo:
> 
> # make VPN server reachable
> /sbin/iptables -t nat -A PREROUTING -i ipsec0 \
> 	-p udp --sport 1701 --dport 1701 \
> 	-j DNAT --to-destination <address-of-VPN-server>
> 
> Cheers,
> Steffen
> 
> --------------------------------------------------------------
> ----------
> Dipl. Wirtsch. Inform. Steffen Becker, DFG Junior Research 
> Group "Palladio", Fk 2, Department of Computing Science, 
> Software Engineering Group CvO Universität Oldenburg / OFFIS, 
> Escherweg 2, D-26121 Oldenburg
> Email: becker at informatik.uni-oldenburg.de
> URL: http://se.informatik.uni-oldenburg.de
> Voice: +49 441 9722-582 (-501, secr.) Fax: +49 441 9722-502
> --------------------------------------------------------------
> ----------
> 
> 


More information about the Users mailing list