From: Nate Carlson (natecars+freeswan_at_natecarlson.com)
Date: Thu Oct 31 2002 - 22:04:45 CET
On Thu, 31 Oct 2002, Javier García de Bringas wrote:
> I'm thinking about doing an IPSec tunnel to a remote server using
> FreeS/WAN. However, my PC has a private IP address and there is a router
> doing NAPT in order to allow it and some other PCs to access Internet. I
> have no way of changing anything in the router as it is owned by my ISP.
> How can I do a VPN using FreeS/WAN in this situation? I understand the
> problems NAT creates to IPSec connections, however I know some vendors
> have implemented non-standard extensions to IPSec in order to pass
> through NAT. The one I've seen encapsulates IPSec in TCP packets, so NAT
> doesn't affect the encrypted neither the authenticated part. Are there
> any such extensions in FreeS/WAN? Is it something under development
> (maybe I could help with it), or in the contrary it isn't been thought
> about at all?
Apply the NAT-T patches.
http://open-source.arkoon.net/
------------------------------------------------------------------------
| nate carlson | natecars_at_natecarlson.com | http://www.natecarlson.com |
| brainbench mvp for linux admin -- http://www.brainbench.com |
| Depriving some poor village of its idiot since 1981 |
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 05:20:36 CET