[Openswan Users] NAT problems
Paul Wouters
paul at xelerance.com
Wed Jan 11 21:37:50 CET 2006
On Wed, 11 Jan 2006, Geert Janssens wrote:
> Thank you for the fast response and sorry to bother you again. I changed the
> configuration to have the vhost rightsubnet on the server only. When I try to
> bring up the connection, it gets stuck in STATE_QUICK_I1.
> On the server I have the following log messages:
> | ***parse ISAKMP Identification Payload (IPsec DOI):
Please do not use pludebug= to debug configuration issues.
> "kobaltwit-to-auxima"[1] 84.195.167.62:4500 #1: cannot respond to IPsec SA
> request because no connection is known for
> 81.83.108.106/32===192.168.2.2:4500[C=BE, L=Grimbergen, O=Kobalt W.I.T.,
> CN=auxima.homeip.net]...84.195.167.62:4500[C=BE, L=Grimbergen, O=Kobalt
> W.I.T., CN=kobaltwit.homelinux.com]===192.168.0.2/32
Are you NATing 81.83.108.106/32 to 192.168.2.2 ? If so, do you have
that range in virtual_private on the server side?
Paul
More information about the Users
mailing list