[Openswan Users] Openswan servers behind NAT connection fails

Utkarsh Shah utkarsh at elitecore.com
Wed Jan 17 06:19:26 EST 2007 

> Hi,
>
> I am using openswan 2.4.5 and all the openswan server are behind nat.
> i have 4 sites connecting each other.
>
> from site A i am able to connect to site B & site C but not site D
> from site D i am able to connect to site B & site C but not site A
>
> in /var/log/secure
> i found at inititor
> Jan 17 15:36:31 1169028391 pluto[470]: "yyyyy" #94: transition from 
> state STATE_MAIN_R0 to state STATE_MAIN_R1
> Jan 17 15:36:31 1169028391 pluto[470]: "yyyyy" #94: STATE_MAIN_R1: 
> sent MR1, expecting MI2
> Jan 17 15:36:31 1169028391 pluto[470]: "yyyyy" #94: NAT-Traversal: 
> Result using 3: both are NATed
> Jan 17 15:36:31 1169028391 pluto[470]: "yyyyy" #94: transition from 
> state STATE_MAIN_R1 to state STATE_MAIN_R2
> Jan 17 15:36:31 1169028391 pluto[470]: "yyyyy" #94: STATE_MAIN_R2: 
> sent MR2, expecting MI3
>
>
> and at responder i found
> Jan 17 16:33:43 1169031823 pluto[17609]: ERROR: asynchronous network 
> error report on eth1 (sport=500) for message to 59.95.246.81 port 500, 
> complainant 59.95.246.81: Connection refused [errno 111, origin ICMP 
> type 3 code 3 (not authenticated)]
> Jan 17 16:33:53 1169031833 pluto[17609]: ERROR: asynchronous network 
> error report on eth1 (sport=500) for message to 59.95.246.81 port 500, 
> complainant 59.95.246.81: Connection refused [errno 111, origin ICMP 
> type 3 code 3 (not authenticated)]
> Jan 17 16:34:13 1169031853 pluto[17609]: ERROR: asynchronous network 
> error report on eth1 (sport=500) for message to 59.95.246.81 port 500, 
> complainant 59.95.246.81: Connection refused [errno 111, origin
>
>
>
>     Site A                                                            
>                                                        Site B
> [LAN]----[Openswan]-----[DSL Modem]------[            
> Internet            ]-------[DSL Modem]------[Openswan]-----[LAN]
>                                                                        
> |                |
>                                                                        
> |                |
>                                                                        
> |                |
>                                                                        
> |                |
>                                                                        
> |                |
>                                                             [DSL 
> Modem]  [DSL Modem]
>                                                                        
> |                |
>                                                    Site C           
> |                |        Site D
>                                                                        
> |                |
>                                                             
> [Openswan]    [Openswan]
>                                                                        
> |                |
>                                                                        
> |                |
>                                                                        
> |                |
>                                                                  
> [LAN]           [LAN]
>
>
> can anyone help me to understand whats happening ???
>
>
> Thanks & Regards,
> Utkarsh Shah

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070117/ac215f42/attachment.html

More information about the Users mailing list