[Openswan Users] Incorrect xfrm policy with both-NAT client connection

Paul Wouters paul at xelerance.com
Wed Apr 21 12:55:51 EDT 2010

On Wed, 21 Apr 2010, Kevin Locke wrote:

> I am attempting to use Openswan as a VPN client to an L2TP/IPSec VPN
> served from a Windows SBS 2003 server where both the client and server
> are behind NATs (ick) and am confused at (what I percieve to be) the
> incorrect xfrm policy that is configured when the connection is
> created.

> (version 1:2.6.23+dfsg+1 compiled with ALLOW_MICROSOFT_BAD_PROPOSAL).

>From the changelog:

* NAT-OA fixes [David]
* Bugtracker bugs fixed:
    #1004: L2TP broken with NAT'ed clients [dhr/Tuomo/Paul]

Can you try openswan 2.6.25?


More information about the Users mailing list