[Openswan Users] NAT & noNAT
paul at xelerance.com
Wed Sep 21 13:52:15 EDT 2011
On Tue, 20 Sep 2011, Pete Ashdown wrote:
>> It shouldwork if you have rightsubnet=%no,%priv
> Thank you Paul. I'm guessing this should have a vhost: after the =? It
> didn't work without it.
>> Note the "%no" means no NAT, and the "%priv" means "NAT on any of the
>> listed IPs within virtual_private".
> Why are they both in the LTP-PSX-NAT connection section? What triggers NAT
> traversal? I presume that a more logical way to do this would be to have:
> conn L2TP-PSK-NAT
> conn L2TP-PSK-noNAT
> But Openswan prevents me from defining rightsubnet twice in one config.
Yeah, in that example you leave out the rightsubnet in L2TP-PSK-noNAT
I do not use two conns, I use one conn.
More information about the Users