I have a requirement to set up IPsec VPN between my company’s droplet and a network owned by partner company that uses another provider. Tooling:
188.8.131.52and local address e.g
I’ve created a test environment in order to try out the tooling and feasibility of the task, consisting of 2 Droplets that I managed to connect according to the points above, and managed to achieve what I wanted (while testing with my own droplets).
Onto the real case - here’s the description of the remote server (owned by the partner company):
I have managed to set up a VPN tunnel between my droplet and the remote network, according to:
racoonctl show-sa ipsecshowing both in and out directions of the tunnel, with
racoonctl -l show-sa isakmpis showing correct destination and
Phase 2 = 1
However, when I try to ping the
10.100.232.11 address, it hangs, and when partner service pings my internal IP (that I mapped in Security Association Database) they tell me this IP is unreachable.
I have following suspicions:
NAT, while we both configured our VPNs with
NAT Traversal = OFF;
Can someone point me in the right direction? I would be most grateful to whomever could share some knowledge on this topic with me.
Thanks & Regards
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.