From: Sam Sgro (sam_at_freeswan.org)
Date: Sat Dec 07 2002 - 01:58:03 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 6 Dec 2002, Fonz wrote:
> I got a linuxbox with static internet ip and freeswan (most recent
> version). Microsoft released IPSec software for win95/98 clients. I also
> run winXP. I once had an internet ip on my client, and was able to
> establish an IPSec connection (but no L2TP..) using a secret passphrase.
> Now I am behind a NAT modem, and am not even able to establish the SA.
>
> I want to be able to let the windows clients from behind NAT work, and
> roadwarriors with internet ips.
If you want to use Nat-Traversal, you'll have to run Windows clients which
support this; the only one I'm aware of is SSH Sentintel.
> Do I have to do anything to enable NAT-T or does it automatically detect
> it from the fact that ESP is UDP encapsulated?
I believe there is one simply setting in SFS's ipsec.conf to enable NAT-T.
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPfFHnUOSC4btEQUtAQG+ngQAxo/VQiZNiljzrE91Ixj7RKPV1fHH6Nwy
ysImNXKA7KDDL3rtVXueozpG+KA/8kRFeS0Oh5Z+A3XVobGl47Flbl19D7jegwuQ
T3BesHRQznK4o3WfCtIxVEF+W99vvUxwrgNORvjK2HqpF1+DKTN/GDNSFdPDqrey
BedC4j+U6T8=
=YDhf
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sat Dec 07 2002 - 05:20:58 CET