[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: Re: [Openswan Users] no connection is known for...
From: Mark Frost <mfrost () westnet ! com>
Date: 2004-05-26 1:44:58
Message-ID: 40B3F69A.3030709 () westnet ! com
[Download RAW message or body]
So is there anything else I might be able to try at this point?
Thanks
Mark
Mark Frost wrote:
> The OpenSwan gateway is really a router in that it sits on the
> internal and external networks. There's another box, a Nexlan box,
> that does NAT for the users on the internal network (172.16.*.*). The
> OpenSwan gateway does not translate packets for users nor are any
> packets from users on the internal network routed there. (I made a
> crude picture of this in an earlier post).
>
> Yes, the rightsubnet=192.168.1.0/24 line was uncommented and once
> again, I got the line saying "no connection is known for..." despite
> the fact the the certificate DN's and allowable IP's seem to match the
> output of ipsec auto --status.
>
> Mark
>
> Jacco de Leeuw wrote:
>
>> Mark Frost wrote:
>>
>>> And in my case, I've got NAT on both sides with the OS gateway
>>> acting as a gateway (but not the NAT server) on the non-roadwarrior
>>> side.
>>
>>
>>
>> Is there really NAT on the Openswan server? Well, there is, you probably
>> do NAT for clients on the internal network accessing the Internet, but
>> IPsec packets coming in from roadwarriors are not NAT-ed on the Openswan
>> server, are they? So the IP address on your internal interface eth1 is
>> something like 172.16.0.48 ?
>>
>>> IPsec passthrough was enabled. I just turned it off and tried
>>> again. It doesn't seem to have any effect.
>>
>>
>>
>> Damn, I was hoping that this was it. The rightsubnet line was
>> uncommented,
>> right?
>>
>> Jacco
>
>
> _______________________________________________
> Users mailing list
> Users@lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic