[Openswan Users] openswan/xl2tpd server behind nat

Gurvinder Singh gurvinder.er at gmail.com
Mon Sep 3 12:43:59 EDT 2007


Hi

I am using Openswan U2.4.9/K2.6.15.7 (netkey). My openswan/xl2tpd server is
behind NAT (static IP). I am not able to connect a WinXP IPsec/L2TP client
to the openswan server, which is also behind NAT (dynamic IP). When I use a
direct static IP on the openswan server it works, but when I put it behind
the NAT, it's not working. I am unable to find the problem.

Following is my ipsec.conf configuration:

version 2.0

config setup
        nat_traversal=yes
        uniqueids=no
        plutodebug="control parsing"
        virtual_private=%v4:10.10.10.0/16,%v4:192.168.0.0/16,%v4:172.16.0.0/16
        strictcrlpolicy=no



include /etc/ipsec.d/examples/no_oe.conf

conn  road
        left=10.10.10.125
        right=%any
        rightsubnet=vhost:%priv,%no
        auto=add
        authby=rsasig
        failureshunt=reject
        disablearrivalcheck=no
        rightrsasigkey=%cert
        leftprotoport=17/1701
        rightprotoport=17/1701
        leftsendcert=yes
        leftrsasigkey=%cert
        leftcert=test.pem
        leftid="C=IN,ST=test,L=test,OU=test,CN=test,emailAddress=test at test.cxm"
        pfs=no
        type=transport
        keylife=8h
        rekey=yes
        rekeymargin=9m
        keyingtries=3
        leftnexthop=10.10.10.1
        dpddelay=30
        dpdtimeout=120
        dpdaction=clear
        compress=no
        auth=esp

Is there any solution for this problem?

Thanks for help in advance.


Best regards

Gurvinder Singh