From: Aldo S. Lagana (alagana_at_discmail.com)
Date: Tue Sep 10 2002 - 22:27:36 CEST
It works fine behind a 'masq' system if your 'masq' system doesn't
'mangle' the packets (thus breaking the authentication of ESP)
Kind of like IPSec Passthrough, etc. as a bunch of cheaper routers call
it...
I use it with many endpoints that are behind CISCO routers and the
Freeswan endpoint has only non-routable IPs
-----Original Message-----
From: users-admin_at_lists.freeswan.org
[mailto:users-admin_at_lists.freeswan.org] On Behalf Of Dean Pothorin
Sent: Tuesday, September 10, 2002 12:30 PM
To: users_at_lists.freeswan.org
Subject: [Users] Freeswan with a Satellite connection
Can anyone answer this question?
I have a satellite system using a USB style connection. The satellite
connects to a PC via USB and the USB is given a real IP address.
Unfortunate, only one ip can be given, and the internal for the USB PC
is a non-routable address.
Here is my question. Can Freeswan work with a non-routable IP address?
For example:
Satellite (66.82.100.100) --------- (66.82.80.111) USB PC (192.169.1.1)
----------- (192.168.1.254) Freeswan (10.10.1.0/24) --------------
Internal Network
The local configuration would have to be:
Left = 192.168.1.254
Leftnexthop = 192.168.1.1
Leftsubnet = 10.10.1.0/24
And the other end of the connect (on the real internet) would have to
be:
Right = 66.82.80.111
Rightnexthop = 66.82.100.100
Rightsubnet = 10.10.1.0/24
Traffic for the VPN connection will be routed to the Freeswan box via
the USB PC.
IS THIS POSSIBLE? Can you have a Freeswan box behind a masq system?
This is an interesting one.
Thanks in advance.
DEAN
___________________________________
Dean Pothorin,
Email: Dean_at_PresiNET.com
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Wed Sep 11 2002 - 05:19:58 CEST