[Openswan Users] Unable to connect from behind NATed connection
Paul Wouters
paul at xelerance.com
Wed Aug 19 00:06:54 EDT 2009
On Wed, 19 Aug 2009, Leigh Sharpe wrote:
> OK, so now I have:
>
> conn L2TP-PSK-noNAT
> authby=secret
> pfs=no
> auto=add
> rekey=no
> type=transport
> left=202.134.34.214
> leftnexthop=202.134.34.213
> # For updated Windows 2000/XP clients,
> # to support old clients as well, use leftprotoport=17/%any
> # leftprotoport=17/1701
> leftprotoport=17/0
No left is your end. openswan always uses port 1701, so specify 17/1701 here.
> right=%any
> # Using the magic port of "0" means "any one single port". This is
> # a work around required for Apple OSX clients that use a randomly
> # high port, but propose "0" instead of their port.
> rightprotoport=17/%any
> rightsubnet=vhost:%priv,%no
> Using Openswan Version 2.4.12
Please try and use 2.4.15. It contains various security fixes.
> And it's still doing the same thing.
Let me know if it is still broken after fixing the leftprotport= setting.
> Is there anything which my 3G provider could be doing which would cause this kind of thing?
Possibly, but I don't think we need to investigate that just now.
Paul
More information about the Users
mailing list