[Openswan Users] Help with vpn Client Through-NAT
mikewill at twcny.rr.com
Sun Sep 3 11:18:57 EDT 2006
I could use a hand/advice with trying to get a linux VPN client chatting
with a linksys rv042 through a linksys RT31P2 running NAT...
RW (linux 2.6.15)  RT31P2                              rv042
192.168.15.104 --> 192.168.15.1 / RT31.P2.IP.ADDR <--> RV042.EXT.IP.ADDR / 192.168.0.0/24
The encryption method is shared key, my understanding is that kernels >
2.6.6 contain the necessary support for nat traversal (read somewhere on
the openswan wiki...)?
Here is my ipsec.conf file:
# Left security gateway, subnet behind it, nexthop toward right.
# Right security gateway, subnet behind it, nexthop toward left.
w.x.y.z is my NAT box's assigned internet IP address
w1.x1.y1.z1 is the remote end's assigned internet IP Address
ipsec_setup: Starting Openswan IPsec 2.4.4...
ipsec_setup: insmod /lib/modules/2.6.15-26-386/kernel/net/key/af_key.ko
ipsec_setup: insmod /lib/modules/2.6.15-26-386/kernel/net/xfrm/xfrm_user.ko
->ipsec auto --up cl
104 "cl" #2: STATE_MAIN_I1: initiate
010 "cl" #2: STATE_MAIN_I1: retransmission; will wait 20s for response
And die there. My routes look like this...
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt
192.168.0.0     192.168.15.1    255.255.255.0   UG        0 0          0
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0
0.0.0.0         192.168.15.1    0.0.0.0         UG        0 0          0
I've got IPSec passthrough enabled for the RT31P2 configured, but see no
traffic related to initiate from either router (in their log files).
Can anyone provide a hint as to what I'm doing wrong, or a Fine Manual
that I can go and read? So far what I've been able to google seems to
focus on using OpenSwan from a server perspective, not so much a
client... particularly through a NAT box...