Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Port forwarding revisited



Bill Horne said:

> However, I also have a VPN client on one of my internal machines (call
> it Omega for illustration), in order to access Verizon's network from
> home. This client works OK when Omega is connected directly to the cable
> modem, but can't originate a connection when the Linux box is doing
> masquerading.

IPSec is not designed to work with NAT, however some implementations
of VPN software that use IPSec have hacks to make it work.  For
example, the Cisco VPN concentrator has a -n option on the Linux
client (and a check box on the Windows client) to enable NAT
transparency.  I have no idea what software you're using, so I can't
tell you what to do.

There are also patches to the Linux kernel that help make this work if
your client doesn't do it for you, but I have little knowledge of them
so I can't offer much help there.  You might try poking around at
www.freeswan.org for some hints...  And I've also heard that they
don't work reliably, but I don't know.

You might also try posting this question on GNHLUG, as there are a
couple of people there who may have answers.  You might also mention
what software you're using...

-- 
Derek Martin
Senior System Administrator
Mission Critical Linux
martin at MissionCriticalLinux.com

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org