[Openswan Users] problems with natt, i think

antonio tony at gaveta.net
Thu Oct 11 04:46:25 EDT 2007


Hi, I'm trying to establish a tunnel between two Linux machines. One is 
directly connected to the internet, but the other is connected behind a 
router. I can establish a connection between the two if both are 
connected directly to the internet.

This is my log:

"tunel2" #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 11 10:33:08 marces pluto[21262]: | sending reply packet to 
89.4.135.1:500 (from port=500)
Oct 11 10:33:08 marces pluto[21262]: | processing connection tunel2
Oct 11 10:33:08 marces pluto[21262]: | sending 68 bytes for 
STATE_MAIN_R2 through eth0:4500 to 89.4.135.1:4500:
Oct 11 10:33:08 marces pluto[21262]: | inserting event EVENT_SA_REPLACE, 
timeout in 3330 seconds for #1
Oct 11 10:33:08 marces pluto[21262]: "tunel2" #1: STATE_MAIN_R3: sent 
MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY 
cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 11 10:33:08 marces pluto[21262]: | modecfg pull: noquirk policy:push 
not-client
Oct 11 10:33:08 marces pluto[21262]: | phase 1 is done, looking for 
phase 1 to unpend
Oct 11 10:33:08 marces pluto[21262]: | next event EVENT_NAT_T_KEEPALIVE 
in 20 seconds
Oct 11 10:33:08 marces pluto[21262]: |
Oct 11 10:33:08 marces pluto[21262]: | *received 212 bytes from 
89.4.135.1:4500 on eth0 (port=4500)
Oct 11 10:33:08 marces pluto[21262]: |  processing packet with exchange 
type=ISAKMP_XCHG_QUICK (32)
Oct 11 10:33:08 marces pluto[21262]: | ICOOKIE:  94 98 9f a6  bb 4b a6 4e
Oct 11 10:33:08 marces pluto[21262]: | RCOOKIE:  ff 29 be 90  f5 03 66 6a
Oct 11 10:33:08 marces pluto[21262]: | peer:  59 04 87 01
Oct 11 10:33:08 marces pluto[21262]: | state hash entry 30
Oct 11 10:33:08 marces pluto[21262]: | peer and cookies match on #1, 
provided msgid 9cfb1e5a vs 00000000
Oct 11 10:33:08 marces pluto[21262]: | state object not found
Oct 11 10:33:08 marces pluto[21262]: | ICOOKIE:  94 98 9f a6  bb 4b a6 4e
Oct 11 10:33:08 marces pluto[21262]: | RCOOKIE:  ff 29 be 90  f5 03 66 6a
Oct 11 10:33:08 marces pluto[21262]: | peer:  59 04 87 01
Oct 11 10:33:08 marces pluto[21262]: | state hash entry 30
Oct 11 10:33:08 marces pluto[21262]: | peer and cookies match on #1, 
provided msgid 00000000 vs 00000000
Oct 11 10:33:08 marces pluto[21262]: | state object #1 found, in 
STATE_MAIN_R3
Oct 11 10:33:08 marces pluto[21262]: | processing connection tunel2
Oct 11 10:33:08 marces pluto[21262]: | peer client is 192.168.0.3
Oct 11 10:33:08 marces pluto[21262]: | peer client protocol/port is 0/0
Oct 11 10:33:08 marces pluto[21262]: | our client is 89.4.135.2
Oct 11 10:33:08 marces pluto[21262]: | our client protocol/port is 0/0
Oct 11 10:33:08 marces pluto[21262]: "tunel2" #1: cannot respond to 
IPsec SA request because no connection is known for 
89.4.135.2[@tunel2-left]...89.4.135.1[@tunel2-right]===192.168.0.3/32
Oct 11 10:33:08 marces pluto[21262]: | complete state transition with (null)


Thanks for the help

antonio



