[Swan] Problems converting from OpenSWAN to LibreSWAN

Nels Lindquist nlindq at maei.ca
Wed May 7 21:57:28 EEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 5/7/2014 12:04 PM, Paul Wouters wrote:
> On Wed, 7 May 2014, Nels Lindquist wrote:
> 
>>> Can you give me a new plutodebug=all log? The previous one
>>> just shows no match. It might also help me if you add the
>>> output of "ipsec barf".
>> 
>> Looking through the debug log myself, I noticed a couple of
>> things. The first was that I was seeing "Both are NATted", which
>> is incorrect.
>> 
>> I changed forceencaps to "no", but that didn't fix the issue.
> 
> That's very strange. Are you sure there is no double NAT? If there
> is, your Windows machines might need to have a registry key update
> set for connecting to a server behind NAT:
> 
> http://support.microsoft.com/kb/926179/en-us

Oh!  Sorry, now that I reread that it's extremely misleading!
Changing "forceencaps=no" *did* fix the "Both are NATted" issue; I
meant that the overall problem of not being able to connect wasn't
fixed, and I moved on to looking at the certificate stuff.


- -- 
Nels Lindquist
<nlindq at maei.ca>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlNqghUACgkQh6z5POoOLgSPNACgkVlvLLY0W4mvHs3xUzEcbfbr
hcsAoMIV15mcS8kHgGZSDRtCGxPj+hkY
=9nGx
-----END PGP SIGNATURE-----


More information about the Swan mailing list