From owner-freebsd-questions Thu Mar 29 7:38: 3 2001 Delivered-To: freebsd-questions@freebsd.org Received: from be-well.ilk.org (lowellg.ne.mediaone.net [24.147.184.128]) by hub.freebsd.org (Postfix) with ESMTP id A55A237B71A for ; Thu, 29 Mar 2001 07:38:01 -0800 (PST) (envelope-from lowell@be-well.ilk.org) Received: (from lowell@localhost) by be-well.ilk.org (8.11.3/8.11.3) id f2TFc0h13625; Thu, 29 Mar 2001 10:38:00 -0500 (EST) (envelope-from lowell) To: freebsd-questions@freebsd.org Subject: Re: NATD on a VPN account References: <95B669A7D872D41182A600508BDFFB8C01BECAE5@mlbmx7.ess.harris.com> From: Lowell Gilbert Date: 29 Mar 2001 10:38:00 -0500 In-Reply-To: rpotts@harris.com's message of "28 Mar 2001 15:59:16 +0200" Message-ID: <44n1a4h9gn.fsf@lowellg.ne.mediaone.net> Lines: 19 X-Mailer: Gnus v5.7/Emacs 20.7 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG rpotts@harris.com (Potts, Ross) writes: > Is it tru that VPN will break the SMB connectivity from NATted boxes to another > LAN? Right now we are paying a fairly good sized bill for a 256k slice off of a > T1 that is mostly voice. Every PC has it's own IP address. My communications > office says that if I were to host these PCs with NATD over a VPN connection to > the main subnet(they are considering broadband on our end for cost), that there > would be a breakage in the connection to their NT PDC/BDCs and shares. Would a > router/firewall with carefully scripted rules keep us connected, in regards to > SMB? Most VPN technology will not work through a NAT. If encryption is applied to addresses, and a router changes the addresses, then obviously it's going to break. You might be able to use an encrypted tunnel *within* the VPN, but the logical topology (and the address assignments) would get pretty complicated. I realize this explanation was very brief; ask further questions if it's unclear. Be well. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message