[Openswan Users] NAT & noNAT

Paul Wouters paul at xelerance.com
Tue Sep 20 13:55:56 EDT 2011

On Tue, 20 Sep 2011, Pete Ashdown wrote:

> I'm using the l2tp-psk.conf from the examples directory and I can connect
> NAT clients just fine if I have nat_traversal=yes.  However, when I try
> to connect a non-NAT public IP, I get messages about "no connection is
> known".  I have to change nat_traversal=no and comment out the "conn
> L2TP-PSK-NAT" section, and public addresses can then connect.   The
> settings for "virtual_private" seem to make no difference either way. 
> How am I misunderstanding the example?  Is it not possible for openswan
> to detect a NAT or noNAT from a client and react accordingly?

It should work if you have rightsubnet=%no,%priv

Note the "%no" means no NAT, and the "%priv" means "NAT on any of the
listed IPs within virtual_private".

Note that if you give out IPs that are the same as the local subnet and
you are already on the local subnet, things will fail.
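
An added example, not part of the reply above and not a file from the Openswan examples directory: one way to fold the two L2TP conns into a single one that accepts both NATed and non-NATed clients. The keywords are written with the "vhost:" prefix that ipsec.conf(5) documents for them. The conn name, the addresses, and the "!" exclusion for the server's own LAN are assumptions, chosen for illustration.

```conf
# /etc/ipsec.conf fragment (added illustration; all addresses are placeholders)
config setup
	# Keep NAT-T enabled so clients behind NAT can still negotiate.
	nat_traversal=yes
	# Private ranges a NATed client may report as its inner address.
	# The "!" entry excludes the server's own LAN (assumed 192.168.1.0/24).
	virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24

conn L2TP-PSK
	authby=secret
	pfs=no
	auto=add
	rekey=no
	type=transport
	# Placeholder for the server's public address.
	left=192.0.2.10
	leftprotoport=17/1701
	right=%any
	rightprotoport=17/%any
	# %no   : client is not behind NAT
	# %priv : client is NATed from an address inside virtual_private
	rightsubnet=vhost:%no,%priv
```

After reloading, "ipsec auto --status" should list the single conn, and the "no connection is known" message in the pluto log is the thing to watch for when testing a client from a public IP.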

