TauVPN/ipseccmd behind NAT-T-Router

  • rujobi

    rujobi - 2006-07-14

    Hello everybody,

    TauVPN/ipseccmd are working fine if I establish the VPN over a dialup connection with public IPs.
    When I try to connect over UMTS/GPRS (T-Mobile) with private IPs I'm getting no response from the VPN-Server (IPCOP). Do I have to activate NAT-T on the client side (XP Home)? Has anybody got a working configuration for TauVPN/ipseccmd and NAT-T?


    pluto[1134]    ERROR: asynchronous network error report on ppp0 for message to p ort 500, complainant No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

    • Stefan Markowitz


      there's a thread on the German ipcop-forum.de about that topic (in the VPN section). Some UMTS providers do NAT on the UMTS connection, which prevents ipsec from working. IIRC, someone on the ipcop-forum has it successfully running with T-Mobile.


    • Stefan Markowitz

      Is the IP address of the UMTS connection in the 10.x.x.x range? If so, try the following:
      Connect via UMTS, then disbale Autodetect IP address in TauVPN and enter the IP which is assigned to the UMTS PPP adapter, and switch to "Public IP". If it works now,
      contact me, you need the new Beta, which is not public yet.


    • rujobi

      rujobi - 2006-07-19

      Hi Stefan,

      even the commercial NCP Secure Entry Client couldn't establish an IPSEC-VPN over T-Mobile UMTS. I studied the IPCOP-Forum and the only solution seems to be, to get a public IP. So I contacted the T-Mobile Hotline and they commited that - in conflict with their own documentation, where they mention the NAT-capabilities of their gateway - IPSEC-VPN only works with a public IP. The T-Mobile employee was so kind, to enable another APN (ca.t-mobile) for my contract.
      TauVPN is working now.

      Anyway, thanks a lot.


      The private IP was in the 127. Class B range. But I tried your proposal - it didn't work that way.


Log in to post a comment.