[Openswan Users] NAT-T Does not work with Linux Kernel 2.6.18?

Paul Wouters paul at xelerance.com
Sat Jun 20 12:42:55 EDT 2009

> We are using Openswan 2.4.8 (KLIPS + NAT_T)

upgrade to at least 2.4.14

> The Network topology is as follow:
> Router---------Router---------NAT
> Router--------right_vpn(
> Using Redhat Linux 9.0 (Kernel 2.4.20) our configuration worked correctly as expected and the two networks (192 and 200) could
> ping each other, but using CentOS-5.2 (Kernel 2.6.18) with the same configuration, the tunnel establishes but no ping. The
> packet reaches the other network. tcpdump on the middle router shows udp nat-t encapsulation(ESP) going to the other end but no
> reply. The other vpn does not do anything with the packet. Any solutions appreciated. There is no firewall on any system or
> between. Any help would be appreciated.

It should work, show us logs (or ipsec barf)


More information about the Users mailing list