[Openswan Users] Openswan NAT Problems

[Colin John Talbot]

Hello,

I was hoping that someone could help me.

I'm running Openswan 2.4.12 on ubuntu and followed the setup guide at
http://www.natecarlson.com/linux/ipsec-l2tp.php which is running
perfectly.

However when I try to connect to the server which is public facing with
no firewalls enabled from a windows xp sp2 client which is behind a NAT
Firewall I get the following error on the server:

...

Nov  4 13:24:54 CJ-Filer pluto[7848]: "roadwarrior-all"[1] 195.26.42.82
#1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer
is NATed

...

Nov  4 13:24:54 CJ-Filer pluto[7848]: "roadwarrior-l2tp-oldwin"[1]
195.26.42.82 #2: STATE_QUICK_R2: IPsec SA established {ESP=>0x4062c9a1
<0x2f4704af xfrm=3DES_0-HMAC_MD5 NATD=195.26.42.82:42837 DPD=none}

Nov  4 13:24:59 CJ-Filer pluto[7848]: ERROR: asynchronous network error
report on eth0 (sport=4500) for message to 195.26.42.82 port 42837,
complainant 86.28.177.52: No route to host [errno 113, origin ICMP type
3 code 1 (not authenticated)]



Any ideas on what I'm doing wrong?

Many thanks for your time.

Colin.