Date: Mon, 3 Nov 2003 13:05:22 -0000 (GMT) From: "John Morgan Salomon" <john@zog.net> To: "Vince Hoffman" <vince.hoffman@uk.circle.com> Cc: freebsd-questions@freebsd.org Subject: Re: VPN through NAT Message-ID: <48737.198.240.212.26.1067864722.squirrel@www.88.net> In-Reply-To: <010101c3a209$4e78f0a0$850f10ac@uk.circle.com> References: <010101c3a209$4e78f0a0$850f10ac@uk.circle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It's possible, but has to do with how VPN-1 is set up. Read up on the difference between "tunnel" vs. "transport" mode-- I suggest having a look at the Phoneboy archives (http://www.phoneboy.com). VPN-1 has a NAT support option, I've had it work a charm with ipfilter/ipnat, as well as with pf on OpenBSD. Make sure you're permitting AH/ESP (IP types 50 and 51, I believe) and the original IKE connectino (UDP/500). Caveat: double-check the above, it's been a while since I've needed it. Cheers, -John > Hi all, > At my firm we use checkpoint VPN-1 so our windows laptop users can > access the network from remote locations Clients offices etc etc., I'd > like > my Freebsd laptop to be able to do the same but i'm not sure if its > possible > as most locations are NATed these days and the only doc on getting > Checkpoint freebsd talking deals with a VPN between two external IPs and > the > nets behind them. Has anyone ever tried getting a similar setup as i need, > to work ? > > Thanks > Vince > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48737.198.240.212.26.1067864722.squirrel>