VPN through NAT
John Morgan Salomon
john at zog.net
Mon Nov 3 05:05:25 PST 2003
It's possible, but has to do with how VPN-1 is set up.
Read up on the difference between "tunnel" vs. "transport" mode--
I suggest having a look at the Phoneboy archives
(http://www.phoneboy.com).
VPN-1 has a NAT support option, I've had it work a charm with
ipfilter/ipnat, as well as with pf on OpenBSD. Make sure you're
permitting AH/ESP (IP types 50 and 51, I believe) and the original
IKE connectino (UDP/500).
Caveat: double-check the above, it's been a while since I've
needed it.
Cheers,
-John
> Hi all,
> At my firm we use checkpoint VPN-1 so our windows laptop users can
> access the network from remote locations Clients offices etc etc., I'd
> like
> my Freebsd laptop to be able to do the same but i'm not sure if its
> possible
> as most locations are NATed these days and the only doc on getting
> Checkpoint freebsd talking deals with a VPN between two external IPs and
> the
> nets behind them. Has anyone ever tried getting a similar setup as i need,
> to work ?
>
> Thanks
> Vince
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list