[Openswan Users] SA established but not ping
Paul Wouters
paul at xelerance.com
Mon Jan 2 18:58:05 CET 2006
On Mon, 2 Jan 2006, sasa wrote:
> "Paul Wouters" wrote:
> > Seems 5.6.7.8 is doing NAT
>
> ..ok but is very strange that:
>
> Jan 2 17:54:26 fw2 ipsec__plutorun: ...could not start conn "princ-cardito"
>
> ..and then:
>
> Jan 2 17:54:49 fw2 pluto[5278]: "princ-cardito" #3: STATE_QUICK_R2: IPsec
> SA established {ESP=>0x4e571584 <0x30c7f1ea xfrm=3DES_0-HMAC_MD5
> NATD=5.6.7.8:4500 DPD=none}
> ...
> 0 10.0.1.0/24 --> 192.168.0.0/24 --> tun0x1002 at 5.6.7.8
Not really if NAT is involved. Initiating might work while responding might fail,
or visa versa, when assymtric routing with/without NAT is happening.
Paul
More information about the Users
mailing list