[Openswan Users] LAN to LAN tunnel to a Cisco ASA firewall

Maverick maverick.pt at gmail.com
Tue Jun 2 12:08:25 EDT 2009


But if in the left parameter I put my LAN IP address and the Cisco firewall
expects my public IP, it won't work, right?

Another question: do I need to set up anything in racoon.conf?

-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com] 
Sent: Tuesday, 2 June 2009 17:00
To: Maverick
Cc: users at openswan.org
Subject: Re: [Openswan Users] LAN to LAN tunnel to a Cisco ASA firewall

On Tue, 2 Jun 2009, Maverick wrote:

> I've got a public ip address but my openswan machine is behind a router.
>
> I'm forwarding the 4500 udp port on the router to the lan ip of my openswan
> machine.

You also need udp port 500

> When I try to turn on the tunnel "ipsec auto --up cisco" I get this error:
>
> 022 "cisco": We cannot identify ourselves with either end of this
> connection.

You configured the IP address of the NAT router for yourself, instead of the
NAT'ed local IP.

Paul
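
The following ipsec.conf fragment is an added example, not part of the original messages. It shows the `left=` setting that triggers the error quoted above next to a corrected connection. All addresses are constructed placeholders, and `leftid=` rests on the assumption that the Cisco side identifies the peer by its public IP.

```conf
# /etc/ipsec.conf fragment (added example; every address is a constructed placeholder)
config setup
    nat_traversal=yes            # the Openswan host sits behind a NAT router

# Setting that produces:
#   022 "cisco": We cannot identify ourselves with either end of this connection.
# left= holds the NAT router's public address, which is not configured on any
# local interface, so pluto cannot tell which end of the connection it is.
#conn cisco
#    left=203.0.113.10

conn cisco
    left=192.168.1.10            # NAT'ed LAN address of the Openswan machine
    leftid=203.0.113.10          # assumption: the ASA expects the public IP as the peer ID
    leftsubnet=192.168.1.0/24    # placeholder local network
    right=198.51.100.20          # placeholder public address of the Cisco ASA
    rightsubnet=10.20.0.0/24     # placeholder remote network
    authby=secret                # assumption: pre-shared key authentication
    auto=add
```

The router in front of the Openswan machine forwards UDP 500 and UDP 4500 to 192.168.1.10, as noted in the reply.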


