Re: [Users] Please help with NATed gateway

From: Carl Peto <cpeto(at)blueyonder.co.uk>
Date: Tue Mar 30 2004 - 18:45:33 EST

Which firewall did you turn off?

Have you checked that UDP port 500 traffic is getting through to the Linux boxes and that the boxes themselves are not running their own firewalls that might drop packets?

It looks like the UDP packets between the IKE daemons are just getting dropped.

After checking this and trying to find out where the packets might have got lost, it would be a good idea to turn on plutodebug in both config files and then output the contents of the log file (probably /var/log/messages) so that you can paste it on this mailing list. Then the experts on this list can hopefully figure out what's wrong.

• Original Message ----- From: "Robert £adogórski" <robertl@pascom.pl> To: <users@mj2.freeswan.org> Sent: Tuesday, March 30, 2004 8:20 AM Subject: [Users] Please help with NATed gateway

> Hello, and first: sorry for my english. Please, help.
192.168.2.3)--<192.168.2.0/24>
>
> Why it doesn't work?
[OK]
> Linux FreeS/WAN 2.05
> Checking for IPsec kernel support: found KLIPS
[OK]
> Checking that pluto is running

[OK]
> Two or more interfaces found, checking IP forwarding
[OK]
> Checking NAT and MASQUERADEing
> Opportunistic Encryption DNS checks:
> Looking for TXT in forward map: /myname/
> [OK]
> Does the machine have at least one non-private address?
[OK]
> Looking for TXT in reverse map: xx.yyy.zzz.qqq.in-addr.arpa.
[OK]
> Looking for TXT in reverse map: /my.domain.@myname/.in-addr.arpa.
[OK]
> Linux FreeS/WAN 2.05
> Checking for IPsec kernel support: found KLIPS
[OK]
> Checking that pluto is running

[OK]
> Two or more interfaces found, checking IP forwarding
[OK]
> Checking NAT and MASQUERADEing

---

FreeS/WAN Users mailing list
users@lists.freeswan.org
https://mj2.freeswan.org/cgi-bin/mj_wwwusr Received on Tue Mar 30 18:56:03 2004