|
||||||||
Or you could turn on NAT traversal (NAT-T) on your concentrator which would encapsulate IPSec traffic on UDP 4500 outbound. Thank you, Jake Seitz -----Original Message----- From: Tom Obermayr [mailto:to at bla dot net] Sent: Thursday, November 18, 2004 7:05 AM To: m0n0wall at lists dot m0n0 dot ch Subject: [m0n0wall] Cisco VPN Client behind m0n0wall hi, I do have a problem with a client system using Cisco VPN client behind m0n0wall. Apparently there are different settings on the Cisco Concentrator that change the way the VPN connection is established. I have 3 different VPN entries in the Cisco client, two of which work just fine behind m0n0wall, whereas the 3rd one only works without the firewall. Looking at the firewall log, it seems that the VPN Concentrator is trying to connect to the client on port 500/UDP, which fails, of course. Maybe some kind of VPN client detection could be integrated, which automatically detects internal VPN clients trying to establish VPN sessions, and then allows the separate connection back in to go through? regards, tom. --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |