[Swan] Multiple clients behind the same NAT IP get dropped - IPSec / xauth
Paul Wouters
paul at nohats.ca
Thu Jun 16 13:28:03 UTC 2016
On Wed, 15 Jun 2016, Tony Whyman wrote:
> As I type, I am using 3.17 and currently have three clients all behind the same NAT router all with active ipsec connections to two different remote servers - and can ping both. This
> setup normally works fine, although I have noticed the occasional confusion which usually requires a NAT router reset to resolve. It could be your problem is with the router rather than
> libreswan.
>
> There's nothing clever about my setup. A mix of Ubuntu 12.04 and 14.04 with basic road warrior setups. The server sides looks like this, with netkey and nat-traversal:
I think that is because you use tunnel mode, not transport mode that is
used with L2TP.
Paul
More information about the Swan
mailing list