[Openswan Users] NAT-T Does not work with Linux Kernel 2.6.18?

Paul Wouters paul at xelerance.com
Sat Jun 20 12:42:55 EDT 2009


> We are using Openswan 2.4.8 (KLIPS + NAT_T)

Upgrade to at least 2.4.14.

> The Network topology is as follows:
> 192.168.0.0/24---------left_vpn(10.0.0.0/8)---------NAT Router---------Router---------NAT Router--------right_vpn(20.0.0.0/8)-------200.0.0.0/24
> Using Redhat Linux 9.0 (Kernel 2.4.20) our configuration worked correctly as expected and the two networks (192 and 200) could
> ping each other, but using CentOS-5.2 (Kernel 2.6.18) with the same configuration, the tunnel establishes but no ping. The
> packet reaches the other network. tcpdump on the middle router shows udp nat-t encapsulation(ESP) going to the other end but no
> reply. The other vpn does not do anything with the packet. Any solutions appreciated. There is no firewall on any system or
> between. Any help would be appreciated.

It should work; show us logs (or ipsec barf).

Paul

