[Openswan Users] Odd NAT behavior with roadwarrior config

Jacco de Leeuw jacco2 at dds.nl
Fri Aug 18 11:22:02 EDT 2006

Rick Romero wrote:

> I've got a single box on the internet with two interfaces, but I'm not 
> using interface 2. I just want to create a vpn tunnel to my subnet.

You mean you've got two interfaces, both interface 1 (external) and
interface 2 (internal) are up but there is no cable connected to
interface 2? That should not be a problem.

> I followed Nate Carlson's ipsec-l2tp page, and it's working 99% ;)

I'm afraid Nate's webpage is not 100% correct, in particular when
NAT is involved.

> I'm able to make a secure connection, ping both the internal and 
> external interface, I can even ping anything on the internet.
> I can do an nslookup, and I can also telnet to any box on the internet, 
> BUT I cannot combine the two :)   So, for example, I can:
>   telnet  25
> but I can't
>   telnet mail.havokmon.com 25
> even though I can do an nslookup.

Perhaps it's this problem?

Either way, I suspect that it is a Windows network issue. If you
run tcpdump you should be able to see what DNS requests are sent
through the connection:

tcpdump -n -l -i ppp0 udp port 53

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
