[Openswan Users] LAN to LAN tunnel to a Cisco ASA firewall

Paul Wouters paul at xelerance.com
Tue Jun 2 12:00:02 EDT 2009

On Tue, 2 Jun 2009, Maverick wrote:

> I've got a public ip address but my openswan machine is behind a router.
> I'm forwarding the 4500 udp port on the router to the lan ip of my openswan
> machine.

You also need udp port 500

> When I try to turn on the tunnel "ipsec auto --up cisco" I get this error:
> 022 "cisco": We cannot identify ourselves with either end of this
> connection.

You configured the IP address of the NAT router for yourself, instead of the
NAT'ed local IP.


More information about the Users mailing list