From: Ken Bantoft (ken_at_freeswan.ca)
Date: Sun Jan 12 2003 - 01:54:19 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, 11 Jan 2003, David C. Churchill wrote:
> Would an easier alternative be to disable NAT on the Cisco 1604 then use the
> Linux FreeSWAN box as a combination VPN Gateway/Firewall/NAT device? I would
> have to move all the port forwarding NAT translations from the Cisco to the
> Linux box, but I think I could handle that. My problem is that I think my
> older Cisco IOS (11.3) wont do IPSec Passthru, although I'm not positive.
> It seems that all the VPN docs on Cisco's website reference IOS 12.x.
> Thanks for your help.
> David
That would be simpler... IOS 11.x doesn't do IPSec passthrough, so you'd
have to setup a bunch of port forwards, and probably get the NAT-T patches
in too. Using the Linux box as a VPN/FW/NAT would eliminate all of the
complexity.
- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBPiC8vliWUusaxGxpAQEqjQQAozATeduIclP4d6x/6nPJy43GvPuThJmV
xyWMkMNs8Knhr7wtHNPbxqlEkfnLiBJs+T1aOU8cq99tVRfxVhVgdwY4zsiGwl7V
t518ocBx79HpNEer3K+V2MjSn+JZKpA0r/sV1WbFlAifVZqgvMcEcTR24yFk4tKX
I7e+jdSOnjk=
=J1OA
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sun Jan 12 2003 - 05:21:07 CET