[Openswan Users] NATED IPSEC Server, is it poosible? I get the error: no connection is known for ...

Jacco de Leeuw jacco2 at dds.nl
Tue Jun 28 14:56:14 CEST 2005


foren titze wrote:

> I try to move my ipsec server (with openswan 2.3.1 and kernel 2.6.11) behind a 
> Firewall that does SNAT and DNAT.
> ------------------------
> 80.226.234.106 #2: cannot respond to IPsec SA request because no connection is 
> known for 195.xxx.xxx.22/32===10.0.0.58[C=DE, ST=NRW, L=Duesseldorf, O=xxx, 
> OU=Server-Cert, CN=klaus, E=xxx at www.de]:17/1701...80.226.234.106[C=DE, 
> ST=NRW, L=Duesseldorf, O=xxx, OU=Unix-Admin, CN=klais, 
> E=klais at www.de]:17/1701

Either wait for an updated Openswan (I understand that 2.3.2 is coming up)
or apply the patch by Bernd Galonska:

http://www.jacco2.dds.nl/networking/patches/openswan-2.3.1-NATserver.patch

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list