 From:  Jon Hartwell <jhartwell at tranefcu dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPsec VPN passthrough to concentrator
 Date:  Fri, 10 Dec 2004 15:40:45 -0600
I am having a problem passing through multiple VPN tunnels to a
concentrator behind a m0n0wall gateway.  I am only able to establish a
single tunnel using this method.  I have forwarded protocol 50 (ESP) and
UDP ports 500 and 4500 (required by an end point at the remote site).

I am using 1:1 NAT to reach this server via a second public address and
have set up what I think are the appropriate mapping and proxy ARP
statements.

It appears that the ESP packets are getting through, but UDP ports are
being blocked at the m0n0wall.  I am not receiving any logged events
about ESP being blocked.  I have been able to connect a single remote
m0n0wall VPN to the concentrator.  At this point, I don't know where to
turn.  If I remove the m0n0wall and have the concentrator on a public
address, the VPN will terminate and pass traffic perfectly.
  
Thanks in advance for any help that anyone can offer to this problem.

-- 
Jon Hartwell
Senior Network Systems Coordinator
Trane Federal Credit Union

jhartwell at tranefcu dot org
608-787-7164