[Users] NAT Traversal question

From: Stephen J. Bevan (stephen_at_dino.dnsalias.com)
Date: Tue Dec 17 2002 - 19:05:12 CET


Takuhiro Nishioka writes:
> I'm trying to establish a FreeS/WAN <=> FreeS/WAN NAT-T connection.
>
> 10.0.0.5 (SG1) -- 10.0.0.1 a.b.c.1 (NAT) -- Internet--+
>                                                       |
> 192.168.0.1 a.b.c.2 (SG2) ----------------------------+
>
> SG1 and SG2 are super-freeswan-1.99_kb2.tar.gz
>
> I can access from SG1 to SG2. Is it possible to access from SG2 to SG1? I
> mean, is it possible to establish a TCP or UDP session from SG2 to SG1?

Assuming that there is an existing IPsec connection between SG1 and
SG2 (presumably initiated by SG1) then it is possible to establish a
TCP or UDP session from SG2 to SG1. However, by default (Super)
FreeS/WAN doesn't contain the necessary functionality to do this. The
kernel changes required to support this are quite small. I've never
looked at what it would take to change pluto since I did the above
using a different (proprietary) keying daemon.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users



This archive was generated by hypermail 2.1.5 : Wed Dec 18 2002 - 05:21:04 CET