[Openswan Users] UDP encapsulation
Paul Wouters
paul at xelerance.com
Wed May 2 10:29:24 EDT 2007
On Wed, 2 May 2007, steve.morard at epfl.ch wrote:
> I'm trying to use UDP encapsulation to avoid that my packets get blocked by a
> firewall. Unfortunately, as I said in another post, it isn't working.
> My question is to know how would openswan react if I use the options
> forceencaps=yes and nat_traversal=yes and that the gateway to which I want to
> connect didn't support this option. Would the IKE negotiation still ends
> succesfully and by default won't use UDP encapsulation or would the IKE
> negotiation fail ?
Both ends need to agree on the option to get enabled. If the remote end
does not support nat-t, forceencaps won't help you.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list