Comment 4 for bug 1938571

New error with ipsec.conf:3 nat_traversal - which is obsolete and shouldn't be there.

With todays problem, i recommend the following:

git diff
diff --git a/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py b/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py
index 90731f7a4..5b5f648b2 100644
--- a/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py
+++ b/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py
@@ -106,7 +106,6 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):

     def start_pluto(self):
         cmd = ['pluto',
- '--use-netkey',
                '--uniqueids']

         if self.conf.ipsec.enable_detailed_logging:
diff --git a/neutron_vpnaas/services/vpn/device_drivers/template/openswan/ipsec.conf.template b/neutron_vpnaas/services/vpn/device_drivers/template/openswan/ipsec.conf.template
index 450bef517..bf06cd95d 100644
--- a/neutron_vpnaas/services/vpn/device_drivers/template/openswan/ipsec.conf.template
+++ b/neutron_vpnaas/services/vpn/device_drivers/template/openswan/ipsec.conf.template
@@ -1,6 +1,5 @@
 # Configuration for {{vpnservice.id}}
 config setup
- nat_traversal=yes
     virtual_private={{virtual_privates}}
 conn %default
     keylife=60m