Hi,
I've a problem with a FreeSwan gateway behind a NAT Router. The Setup looks
like this.
|
| Internet
|
| external IP Adress
-----------
| router |
-----------
| 192.168.7.254
|
|
| 192.168.7.0/24
|
|
| 192.168.7.1 (static NAT behind ext. IP)
-------------
| Firewall& |
| VPN |
-------------
|
| LAN 192.168.70.0/24
-----------------------------------------------
On the other end, bad luck, there's a checkpoint firewall one. The CP Logfiles
always shows "no proposal choosen". My FreeSwan config looks like this:
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=3
disablearrivalcheck=no
authby=secret
keyexchange=ike
keylife=1h
lifetime=1h
conn link
right=192.168.7.1
rightsubnet=192.168.70.0/24
rightfirewall=yes
rightnexthop=192.168.7.254
left=<ext.CP IP>
leftsubnet=10.173.231.0/24
leftnexthop=<Nexthop after CP>
auto=start
pfs=yes
Is there any Change to make FreeSwan communicate the external static NAT ip to
the Checkpoint machine? Because it expects the Tunnel to come from <external
ip address) as shown in sheme above.
thanx & best regards
Daniel
-- Daniel Tombeil | Proud member of www.admindu.de email: dt_at_admindu.de | www: http://daniel.home-of-the-dudes.comAdmindu.de Webmail Services powered by Open WebMail Project (http://openwebmail.org)
_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:24 CEST