From: Patrick Berlinger (paddyb_at_gmx.at)
Date: Mon Nov 25 2002 - 17:51:25 CET
And how could i solv this problem?
Mit freundlichen Grüßen,
Patrick berlinger
> Nov 22 13:13:25 vpntest pluto[3478]: packet from 80.133.230.55:500:
> ignoring Vendor ID payload [SSH Communications Security IPSEC Express
> version 4.1.0] Nov 22 13:13:25 vpntest pluto[3478]: packet from
> 80.133.230.55:500: ignoring Vendor ID payload
> [draft-stenberg-ipsec-nat-traversal-01]
> Nov 22 13:13:25 vpntest pluto[3478]: packet from 80.133.230.55:500:
> ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-02]
> Nov 22 13:13:25 vpntest pluto[3478]: packet from 80.133.230.55:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Nov 22 13:13:25 vpntest pluto[3478]: "hintzm"[1] 80.133.230.55 #1:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00: peer is
> NATed
The roadwarrior is NATed but the source port is still 500. This is often
due to IPSec-Passtrough functionnality and the NAT device drops every
packet it can't understand (especially ESPinUDP packet).
Perhaps I should add a warning note when this is the case.
-- Mathieu Lafon - Arkoon Network Security _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Mon Nov 25 2002 - 05:20:55 CET