[Openswan Users] Openswan to Sonicwall - IKE config incorrect
Peter McGill
petermcgill at goco.net
Thu Mar 12 14:15:38 EDT 2009
It would really help to see your ipsec logs.
grep 'pluto' /var/log/* > ipseclog.txt
Peter McGill
IT Systems Analyst
Gra Ham Energy Limited
> -----Original Message-----
> From: users-bounces at openswan.org
> [mailto:users-bounces at openswan.org] On Behalf Of Peter Butler
> Sent: March 12, 2009 1:54 PM
> To: users at openswan.org
> Subject: Re: [Openswan Users] Openswan to Sonicwall - IKE
> config incorrect
>
> I think you're right. I've just run wireshark on the Openswan
> box and I
> can see packets coming back from Sonicwall. I guess this
> means that NAT
> is working at least. However, Sonicwall is still only giving me the
> "NO-PROPOSAL-CHOSEN" response.
>
> Cheers
>
> Peter
>
> -----Original Message-----
> From: Lawrence Manning [mailto:lawrence.manning at smoothwall.net]
> Sent: 12 March 2009 17:33
> To: Peter Butler
> Cc: users at openswan.org
> Subject: Re: [Openswan Users] Openswan to Sonicwall - IKE config
> incorrect
>
>
> On 12 Mar 2009, at 17:24, Peter Butler wrote:
>
> > Ah, I think NAT might be the problem. According to this, my network
> > provider (Vodafone UK) uses NAT and port address translation:
> >
> > http://forum.vodafone.co.uk/index.php?showtopic=7813
> >
> > Does this mean I won't be able to use Openswan (or any other IPSec
> > client) with this network provider?
>
> NAT-T mode IPSec (network packets encapsulated in UDP packets as
> opposed to ESP) should pass through vodafone's NATing gateway just
> nicely.
>
> Openswan (and other 'swans) support NAT-T, assuming the config as
> "nat_traversal=yes".
>
> Hope that helps,
>
> --
>
> Lawrence Manning
> Lead Developer
> Smoothwall Ltd. - http://www.smoothwall.net/
>
> SmoothWall Limited
> 1 John Charles Way
> Leeds LS12 6QA
> United Kingdom
>
> Phone:
> 1 800 959 3760 (USA, Canada and North America)
> 0870 1 999 500 (United Kingdom)
> +44 870 1 999 500 (all other countries)
> Fax:
> +44 870 1 991 399
>
> SmoothWall Limited is registered in England, Company Number: 4298247
>
> This email and any attachments transmitted with it are
> confidential to
> the intended recipient(s) and may not be communicated to any other
> person or published by any means without the permission of
> SmoothWall
> Limited. Any opinions stated in this message are solely
> those of the
> author. See: http://smoothwall.net/company/email.php for the full
> text of this notice.
>
>
>
>
>
>
> ______________________________________________________________
> _________
> The information contained in this e-mail is confidential and
> may be privileged. It is intended for the addressee only. If
> you are not the intended recipient, please delete this e-mail
> immediately. The contents of this e-mail must not be
> disclosed or copied without the sender's consent. The
> statements and opinions expressed in this message are those
> of the author and do not necessarily reflect those of the
> company. The company does not take any responsibility for the
> views of the author.
>
> Registered Office: IT-Freedom Limited, 9 Minster Court,
> Tuscam Way, Camberley, Surrey GU15 3YY
> Registered in England, Number: 04500346
> ______________________________________________________________
> _________
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-294632
> 7?n=283155
More information about the Users
mailing list