[Openswan Users] Config openswan for NAT

Peter lli at tecomtech.com
Wed Dec 27 22:07:40 EST 2006


 
Hey All,

I got  problem When a openswan being behind NAT. Below is my configuration.
What's wrong with me?

Thank you in advance.

------------------------------------------------------------------

PC-A  (172.16.12.130)
  |
  |
PC-B (NAT, 172.16.12.142 / 192.168.2.1)
  |
  |
PC-C (192.168.2.100)

------------------------------------------------------------------

PC-B does SNAT  for PC-C:
 $ iptables -t nat -A POSTROUTING -d 172.16.0.0/16 -j SNAT --to
172.16.12.142

------------------------------------------------------------------

PC-C's  /etc/ipsec.conf:

version 2.0

config setup
	nat_traversal=yes
	keep_alive=20

conn subnet-subnet
                left=%defaultroute
	right=172.16.12.130
	auto=start
	authby=rsasig
	leftrsasigkey=.....
	rightrsasigkey=....

include /etc/ipsec.d/examples/no_oe.conf
------------------------------------------------------------------

PC-A's  /etc/ipsec.conf:

version 2.0

config setup
	nat_traversal=yes
	keep_alive=20

conn subnet-subnet
	left=172.16.12.130
                right=172.16.12.142
	rightid=192.168.2.100
	auto=start
	authby=rsasig
	leftrsasigkey=.....
	rightrsasigkey=....

include /etc/ipsec.d/examples/no_oe.conf




More information about the Users mailing list