OpenWrt Forum Archive

Topic: openswan traversal NAT device problem,help me.TH

The content of this topic has been archived on 4 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I have a problem.
topology:
router1(lan:192.168.1.0/24,wan:10.8.4.46)<--network-->(wan:10.8.4.47,lan:192.168.2.0/24)router2<--
cable-->PC(wan:192.168.2.3).

router1:ipsec server,we already configure nat_traversal option.
router2: NAT device
PC:windows7.
the PC use ipsec software(the greenbow vpn) connect the router1 ipsec server.
now,connected successed,but PC ping 192.168.1.1 not ok.
openswan support the Network topology?
-------------------------------------------------------------------------------------------------
config file:
config ipsec_config setup
option nat_traversal "yes"
option oe "off"
option protostack "netkey"
option force_keepalive "yes"
option keep_alive "60"
config ipsec_conn laptop
option authby "secret"
option type "tunnel"
option pfs "yes"
option rekey "yes"
option ikelifetime "24h"
option salifetime "24h"
option overlapip "yes"
option forceencaps "yes"
option left "%defaultroute"
option leftsubnet "192.168.1.0/24"
option leftnexthop "%defaultroute"
option leftid "@server.com"
option right "%any"
option rightid "@client.com"
option aggrmode "yes"
option ike "aes128-md5;modp1536"
option phase2 "esp"
option phase2alg "3des-sha1;modp1536"
option auto "start"
config ipsec_secret_ss
option secret "123456"

I have solved the problem

The discussion might have continued from here.