[Openswan Users] VPN wxp-NAT-NAT-openswan
Miguel A Felipe
michel at claudiofelipe.com
Sun Sep 17 09:11:18 EDT 2006
I think "something" is going worng with "something" :)
I have now this error so I think the problem is the NAT of the protocol near
the roadwarrior, can anyone has had the same problem?
This error is output with plutodebug=all
Sep 17 09:22:09 cf01fw01 pluto[24009]: ERROR: asynchronous network error
report on eth2 (sport=4500) for message to 80.1.1.1 port 4500, complainant
80.1.1.1: Connection refused [errno 111, origin ICMP type 3 code 3 (not
authenticated)]
My ipsec.conf is right (I think):
version 2.0 # conforms to second version of ipsec.conf specification
config setup
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:172.
23.2.0/24
nhelpers=0
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
rekey=no
type=transport
left=%defaultroute
leftsubnet=80.38.102.7/32
leftprotoport=17/1701
right=%any
rightprotoport=17/1701
More information about the Users
mailing list