On Thu, Dec 02, 2004 at 07:13:59AM -0800, Helge Weissig wrote:
> Jason,
>
> my ESP packets do not go from the external interface to the internal
> one and vice versa. The connection to the VPN server works when I hook
> up directly with no changes other than the IP of the client. I cannot
> see how this would be a problem with the VPN network at all.
>
> h.
looking at your logs--all your ESP packets are from client->server.
you don't have a single ESP packet from server->client. so when you
say, "my ESP packets do not go from the external interface..." you are
ignoring the fact that there are no ESP packets ever getting to your
external interface.
which brings me back to what i said several replies ago:
your VPN server is discarding the ESP packets from your client as a
result of the mangling of your intermediate NAT device.
either make the VPN server more tolerant, or use NAT-T on your client.
-j
--
"Ah, good ol' trustworthy beer. My love for you will never die."
--The Simpsons
