[Openswan Users] newbie help - RHEL 3 behind NAT to SonicWall
Paul Wouters
paul at xelerance.com
Thu Jan 26 04:30:10 CET 2006
On Wed, 25 Jan 2006, Kimberly Knowles Nico wrote:
> laptop RHEL 3, 192.168.2.2
> |
> Belkin router/firewall and cable modem performing NAT
> (192.168.2.1, home network is 192.168.2/24)
> |
> ipsec_setup: Starting Openswan IPsec 2.3.0...
> 004 "vizdom" #2: STATE_QUICK_I2: sent QI2, IPsec SA established
> {ESP=>0xd00553f0 <0x3e8b4af1 NATOA=0.0.0.0}
Note the weird NATOA entry. Can you try and run openswan 2.4.5rcX and see if
that fixes your nat problems?
> [root@localhost kim]# /sbin/iptables -t nat -A POSTROUTING -o eth0 -s
> 192.168.0.0/24 -d ! 10.1.1.0/24 -j MASQUERADE
That should work.
> 0.0.0.0 192.168.2.1 128.0.0.0 UG 0 0 0 eth0
> 128.0.0.0 192.168.2.1 128.0.0.0 UG 0 0 0 eth0
> 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
You are also running Opportunistic Encryption? You might want to disable that
by including /etc/ipsec.d/examples/no_oe.conf.
Paul