[Openswan Users] Problem nat traversal

Cristhian Nunez cnunez at onemax.com
Wed Jan 2 23:09:56 EST 2008


Hi list

Im just setting up a openswan behind a nat. My configuration is the 
following:

conn casa-onemax
         left=192.168.1.40
         leftid=1.2.3.4
         leftnexthop=192.168.1.100 (internal default gw)
         leftsubnet=192.168.1.0/24
         leftrsasigkey=....nh7NasAXjnYDe7i/HgSnWe+P4nF
         right=5.6.7.8
         rightnexthop=8.7.6.5 (default gw)
         rightsubnet=172.18.0.0/21
         #rightid=5.6.7.8
         rightrsasigkey=....f8HSmVcdtGkaoSxaxLFxPx8OeJT
         auto=add

i follow this openswan configuration:
http://wiki.openswan.org/index.php/Openswan/NatTraversal

The problem is when i try to start the conection. i can stablish it. 
here the logs:

Jan  3 00:07:15 labrador pluto[7309]: packet from 1.2.3.4:500: received 
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but 
already using method 110
Jan  3 00:07:15 labrador pluto[7309]: packet from 1.2.3.4:500: received 
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jan  3 00:07:15 labrador pluto[7309]: packet from 1.2.3.4:500: initial 
Main Mode message received on 5.6.7.8:500 but no connection has been 
authorized
Jan  3 00:07:16 labrador pluto[7309]: | complete state transition with 
STF_IGNORE

I dont know whats wrong...

Any comments ???

Thanks a lot


Cris





More information about the Users mailing list