[Openswan Users] newbie help - RHEL 3 behind NAT to SonicWall6
Paul Wouters
paul at xelerance.com
Wed Feb 1 19:21:55 CET 2006
On Wed, 1 Feb 2006, Kimberly Knowles Nico wrote:
> I have not yet tried 2.4.5, but I wanted to report this tcpdump as a possible
> clue:
> (42)
> 07:40:43.208691 192.168.2.2 > proxy.vizdom.com: ESP(spi=0x929e42fb,seq=0x16)
> (DF)
> 07:40:44.227513 192.168.2.2 > proxy.vizdom.com: ESP(spi=0x929e42fb,seq=0x17)
> (DF)
>
> Does this point at a router misconfiguration? I am using a Belkin product that
> does NAT.
It can be one of two things:
1) A "helpfull" IPsec passthrough NAT router breaking nat-traversal.
2) One of the two end points did not support nat-traversal and a non-natt IPsec SA
was established that will not work.
Paul
More information about the Users
mailing list