[Swan] libreswan/racoon interoperability problem with NAT-T
Paul Wouters
paul at nohats.ca
Sat Apr 8 22:09:57 UTC 2017
On Fri, 7 Apr 2017, Xinwei Hong wrote:
> I just upgraded it to 3.20. I built libreswan without specifying any parameter. I don't need klips in my setting anyway. I also added virtual-private=%v4:10.0.0.0/8. Still not working.
> The NAT part, I'm not sure why you say that. I still see same "no suitable connection for peer '10.0.3.3'" error, but I believe it's found inside of isakmp pkts. I did tcpdump on both
> machines, the ip was nat'ed. e.g. only see 10.0.3.3 on one side and 199.204.218.98 on the peer side.
>
> I can upload new log if needed.
I can have a look if you upload new logs. But please do not use that
dropbox API because I cannot search and scroll through that. A link
the actual files would be better so I can download these and have a
look.
Paul
More information about the Swan
mailing list