[Openswan Users] OpenSwan behind a NAT

Daniel Bautista dbautista at duocom.es
Mon Mar 17 05:29:50 EDT 2008


El Viernes, 7 de Marzo de 2008 10:52, escribió:
> On Fri, 7 Mar 2008, Daniel Bautista wrote:
> > But now we want to put B
> > behind a NAT, this way:
> >
> > B: (eth0: 10.36.30.7 - no eth0:0 - default gw 10.36.30.3)
> > router/NAT: (private 10.36.30.3 - public 82.61.105.87)
>
> Your milage may vary, because now you need to have a left= that is part
> of leftsubnet=. I've heard different stories about the success of such a
> setup.

Could you indicate us where to find such configurations?

> > What is the best configuration for this? Do we have to use the
> > nat_traversal option? Do we have to redirect udp ports 500 and 4500 in
> > the router to 10.36.30.7? It seems the router has a NATT option, should
> > we have to use it?
>
> use nat_traversal and virtual_private.

Could you show us and example of using those parameters?

I remember our configuration:

A --> Internet --> router/NAT --> B

A: (eth0 197.221.84.68 - eth0:0 10.36.3.5 - default gw 197.221.84.67)
B: (eth0: 10.36.30.7 - no eth0:0 - default gw 10.36.30.3)
router/NAT: (private 10.36.30.3 - public 82.61.105.87)

It would be great if you could show us an initial configuration for this 
situation.

Thanks in advance!

  Daniel


More information about the Users mailing list