[Openswan Users] Unable to connect from behind NATed connection

Paul Wouters paul at xelerance.com
Wed Aug 19 00:06:54 EDT 2009

On Wed, 19 Aug 2009, Leigh Sharpe wrote:

> OK, so now I have:
> conn L2TP-PSK-noNAT

>         authby=secret
>         pfs=no
>         auto=add
>         rekey=no
>         type=transport
>         left=
>         leftnexthop=
>         # For updated Windows 2000/XP clients,
>         # to support old clients as well, use leftprotoport=17/%any
>         # leftprotoport=17/1701
>         leftprotoport=17/0

No left is your end. openswan always uses port 1701, so specify 17/1701 here.

>         right=%any
>         # Using the magic port of "0" means "any one single port". This is
>         # a work around required for Apple OSX clients that use a randomly
>         # high port, but propose "0" instead of their port.
>         rightprotoport=17/%any
>         rightsubnet=vhost:%priv,%no

> Using Openswan Version 2.4.12 

Please try and use 2.4.15. It contains various security fixes.

> And it's still doing the same thing.

Let me know if it is still broken after fixing the leftprotport= setting.

> Is there anything which my 3G provider could be doing which would cause this kind of thing?

Possibly, but I don't think we need to investigate that just now.


More information about the Users mailing list