[Openswan Users] Ipsec/l2tp server behind nat, again

Paul Wouters paul at xelerance.com
Wed Sep 24 11:18:06 EDT 2008

On Wed, 24 Sep 2008, Lux wrote:

> Can someone please provide a tested working configuration for running
> openswan ver. 2.6.1x behind nat (server side nat)? 
> My previous question on this topic dated abount 1 week ago did not find a
> solution, so I'd like to restart from the basics with a proven working
> config.

There are examples in testing/pluto/*nat*

There might be a bug in openswan 2.6.16 affecting NAT. Try 2.6.15 or 2.6.14?
There is also a bug in the vhost being parsed I believe in 2.6.x, so
try leaving out the "%no" part in rightsubnet=vhost[....]


More information about the Users mailing list