[Openswan Users] VPN tunnel established but could not transfer data for one roadwarrior setup and could transfer data for another roadwarrior setup

Mohamed Mydeen.A mohamedmydeen.a at jasmin-infotech.com
Mon Apr 7 07:17:43 EDT 2008 

Hi Peter,

Just enable NAT-T.  This should work for you.  Can you please check my
ipsec.conf file in previous mail if you wish. I have proceeded based on
this. I can do Ping.  I got this information from Alex. Thanks Alex.

Hi Alex,

What do IP Forwarding with NAT-T ? 

If I am giving echo "1" > /proc/sys/net/ipv4/ip_forward at console, will
this too help me to solve this issue instead of NAT-T.  Actually I have not
tried it yet.


Thanks & Regards,

Mohamed Mydeen A
Engineer - DSP Software
Jasmin Infotech Private Limited
Plot No. 119, Velacherry Tambaram Road,
Opposite to NIOT
Pallikkaranai
Chennai 
India - 600 100.
Tel. : +91-44-3061 9600
Mail: mohamedmydeen.a at jasmin-infotech.com
##################################Disclaimer#############################
Information contained in this E-MAIL being proprietary to Jasmin Infotech
Pvt. Ltd.
is 'privileged' and 'confidential' and intended for use only by the
individual or entity 
to which it is addressed. You are notified that any use, copying or
dissemination of
the information contained in the E-MAIL in any manner whatsoever is strictly
prohibited.
########################################################################
-----Original Message-----
From: peter chen [mailto:esamore0913 at gmail.com] 
Sent: Monday, April 07, 2008 4:42 PM
To: Mohamed Mydeen.A
Cc: users at openswan.org
Subject: Re: [Openswan Users] VPN tunnel established but could not transfer
data for one roadwarrior setup and could transfer data for another
roadwarrior setup

HI,

  I do have the same problem with your situation. Although I
established the tunnel,  I still cannot ping each other. I try to
enable and disable the NAT-T, but I got the same result.

1.AP-VPN01<--> Internet <--> AP-VPN01

2.Below is my ipsec.conf:

version 2.0
config setup
  interfaces=%defaultroute
  klipsdebug=none
  plutodebug=none
  uniqueids=yes
  nat_traversal=yes

conn chief-link4
        forceencaps=yes
        leftupdown=
        leftnexthop=%defaultroute
        aggrmode=yes
        left=%defaultroute
        leftsubnet=192.168.1.0/24
        leftid=@test
        rightnexthop=%defaultroute
        right=192.168.2.33
        rightsubnet=192.168.3.0/24
        rightid=@test
        auth=esp
        esp=3des-sha1
        authby=secret
        ike=3des-sha-modp1024
        ikelifetime=3600s
        keylife=28800s
        pfs=yes

3.openswan version: 2.4.9


If you or anyone have any feasible solution to this problem, I will so
appreciate it.

More information about the Users mailing list