[Openswan Users] FC3 VPN server behind NAT not working... HELP....

Deepak Naidu deepak_nai at yahoo.com
Fri May 6 13:11:51 CEST 2005


NO PROPS....

I have solved it...

Resolution: just change the public IP to the private IP
if your VPN server is behind NAT....


--- Deepak Naidu <deepak_nai at yahoo.com> wrote:
> Hi,
> 
>  I have configured Openswan 2.3.1 (which includes NAT
> patch) and also patched a NAT patch for VPN server
> running behind NAT
> 
> Server Openswan 2.3.1 on FC3 
> Client WinXP with SP2 using l2tpd/ppp connection, using dialup
> 
> When connecting from XP using VPN dialer with l2tpd
> settings, I get error in vpn secure log stating
> 
> May  6 13:38:26 eftest pluto[30001]: packet from 202.149.x.x:500: ignoring Vendor ID payload [Vid-Initial-Contact]
> May  6 13:38:26 eftest pluto[30001]: packet from 202.149.x.x:500: initial Main Mode message received on 192.168.2.214:500 but no connection has been authorized
> 
> Ports 500, 4500 and 1701 are NATed to my VPN server
> from the gateway.
> 
> I only see port 500 packets in tcpdump at my internet
> gateway.
> 
> Is the NATting patch working or is there any
> workaround?
> Please help me ....
> 
> If you all need any info, please let me know.
> 
> Regards,
> Deepak
> 
> ***********
> My server ipsec.conf is below.
> ***********
> 
> version 2.0
> config setup
>         interfaces=%defaultroute
>         klipsdebug=none
>         plutodebug=none
>         overridemtu=1410
>         nat_traversal=yes
>         virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
> 
> conn %default
>         keyingtries=3
>         compress=yes
>         disablearrivalcheck=no
>         authby=secret
>         type=tunnel
>         keyexchange=ike
>         ikelifetime=240m
>         keylife=60m
> 
> conn roadwarrior-net
>         leftsubnet=192.168.2.0/24
>         also=roadwarrior
> 
> conn roadwarrior-all
>         leftsubnet=0.0.0.0/0
>         also=roadwarrior
> 
> conn roadwarrior-l2tp
>         leftprotoport=17/0
>         rightprotoport=17/1701
>         also=roadwarrior
>         type=tunnel
>         keyexchange=ike
>         ikelifetime=240m
>         keylife=60m
> 
> conn roadwarrior-net
>         leftsubnet=192.168.2.0/24
>         also=roadwarrior
> 
> conn roadwarrior-all
>         leftsubnet=0.0.0.0/0
>         also=roadwarrior
> 
> conn roadwarrior-l2tp
>         leftprotoport=17/0
>         rightprotoport=17/1701
>         also=roadwarrior
> 
> conn roadwarrior-l2tp-updatedwin
>         leftprotoport=17/1701
>         rightprotoport=17/1701
>         also=roadwarrior
> 
> conn roadwarrior
>         pfs=no
>         left=202.149.x.x
>         leftnexthop=202.149.x.x
>         right=%any
>         rightsubnet=vhost:%no,%priv
>         auto=add
> 


Linux your Life, Don't Window it [[]] 

               { All for the best }
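
Added example, not part of the original post and not Openswan code: a small Python check that ties the resolution to the quoted log line. Behind NAT the server's own interface carries the private address, so the check pulls the address pluto reported in "initial Main Mode message received on ..." and lists every conn whose effective `left=` (following `also=`) is some other address. The function names and the trimmed sample config are constructed for illustration, and only one `also=` per conn is handled.

```python
import re

# Constructed sample, trimmed from the ipsec.conf and pluto log quoted in the post.
SAMPLE_CONF = """\
conn roadwarrior-l2tp
        rightprotoport=17/1701
        also=roadwarrior

conn roadwarrior
        left=202.149.x.x
        right=%any
"""
SAMPLE_LOG = ("May  6 13:38:26 eftest pluto[30001]: packet from 202.149.x.x:500: initial Main "
              "Mode message received on 192.168.2.214:500 but no connection has been authorized")

def parse_conns(text):
    """Return {conn name: {key: value}} for every 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.strip() and not line[0].isspace():   # section header in column 0
            parts = line.split()
            is_conn = parts[0] == "conn" and len(parts) == 2
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def effective(conns, name, key, seen=()):
    """Value of key for a conn, following also= and then conn %default."""
    conn = conns.get(name, {})
    if key in conn:
        return conn[key]
    parent = conn.get("also")
    if parent and parent not in seen:
        return effective(conns, parent, key, seen + (name,))
    return conns.get("%default", {}).get(key)

def local_addr_from_log(line):
    """Address pluto says the first Main Mode packet arrived on, or None."""
    m = re.search(r"received on (\d+(?:\.\d+){3}):\d+ but no connection", line)
    return m.group(1) if m else None

def conns_not_on_local_addr(conf_text, log_line):
    """Conns whose effective left= is not the address pluto received on."""
    local, conns = local_addr_from_log(log_line), parse_conns(conf_text)
    return sorted(n for n in conns if local and n != "%default"
                  and effective(conns, n, "left") not in (local, "%defaultroute"))
```

With the sample above both conns are reported; after changing `left=` to 192.168.2.214 the list is empty.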





		