[Openswan Users] NAT-T and rightid

Giovanni Carbone G.Carbone at reitek.com
Mon Aug 5 13:10:24 UTC 2013


i'm having a little issue with a tunnel (PSK auth) with a Cisco ASA behind a nat. The tunnels goes up and everything works only if I set the rightid with the private IP of the ASA (I think it's the way it is supposed to work).

The problem is the other end doesn't want me to have one of their private IPs configured statically on my side; they may change it "anytime" and they don't want to have to notify me of this change in order to keep up the tunnel (they say that they have many other tunnels working without having to deal with the ASA's private IP on the other end).

So, is there a way to tell Openswan to work only with the ASA's public IP?

Best regards,


Informativa Privacy - Ai sensi del D. Lgs n. 196/2003 (Codice Privacy) precisiamo che le informazioni contenute in questo messaggio sono riservate e a uso esclusivo del destinatario. Ogni uso, copia o distribuzione non autorizzata ? proibita e passibile di sanzioni ai termini di legge. Reitek non ? responsabile di eventuali copie o distribuzioni non autorizzate. Se questo messaggio ? stato ricevuto per errore, preghiamo gentilmente di eliminarlo e di informare il mittente. Grazie.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130805/ace85c38/attachment.html>

More information about the Users mailing list