vpn server and DNAT

Hi all,

I've got a problem with my Openswan Installation. But I
found just a
posting, where this problem yet was described.
But unfortunately this posting was not continued, exactly at
that point
where it became to get thrilling for me...
OK, here's my problem, or better, what I'm thinking about
to be my
problem.
I want to realize a VPN with Openswan, l2tpns and freeradius
on the
serverside, and mostly Xp prof on the clientside.
There is a firewall, which ist portforwarding all udp
500,4500 packets
to the vpn-gw, which has an private ip address.
So the thoughts of the client and the server about what's
the left
endpoint of the tunnel are different.
Is there somebody who knows the solution for this problem or
even can
say, ther is no solution?

With kind regards 

Mario
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan: 
http://www.amazon.com/gp/product/1904811256/104
-3099591-2946327?n(3155

Mario Caspari wrote:

> I want to realize a VPN with Openswan, l2tpns and
freeradius on the
> serverside, and mostly Xp prof on the clientside.
> There is a firewall, which ist portforwarding all udp
500,4500 packets
> to the vpn-gw, which has an private ip address.
> So the thoughts of the client and the server about
what's the left
> endpoint of the tunnel are different.
> Is there somebody who knows the solution for this
problem or even can
> say, ther is no solution?

There is a patch but apparently it will be fixed in Openswan
2.4.5
(or will it?):
http://www.jacco2.dds.nl/networking/freeswan-
l2tp.html#NATed-server

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan: 
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155

On Thu, 30 Mar 2006, Jacco de Leeuw wrote:

> There is a patch but apparently it will be fixed in
Openswan 2.4.5
> (or will it?):
> http://www.jacco2.dds.nl/networking/freeswan-
l2tp.html#NATed-server

I put it in CVS last week, but I noticed other NAT-T
connections failing,
so I'm not sure yet if the patch will be in 2.4.5 final. We
need to do
a few more tests to see it doesn't break things.

Paul
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan: 
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155