[ previous ] [ next ] [ threads ]
 
 From:  "Martin Holst" <mail at martinh dot dk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: Cisco VPN Client behind m0n0wall or on it
 Date:  Wed, 5 Nov 2003 22:00:19 +0100 
My room-mate runs a Cisco VPN Client from m0n0wall DMZ interface to an
external VPN server.

For that to work I just had to add "allow fragmented packets" in the
DMZ-to-WAN rule.

/Martin

-----Original Message-----
From: Falcor [mailto:falcor at netassassin dot com] 
Sent: 5. november 2003 21:03
To: Michael C. Ibarra
Cc: Manuel Kasper; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Cisco VPN Client behind m0n0wall or on it

in the client set the advanced settings to allow for NAT Transparency.
Then it will work for you.

On Wed, 5 Nov 2003, Michael C. Ibarra wrote:

> OK, braindead question maybe but, how did you do it? Do you have more
than one
> IP address and do a one-to-one IP NAT, or one-to-one port NAT (pat)? I
am using
> just one dyn assigned IP address and perhaps I am not opening the
right ports?
>
> Thanks,
>
> -mike
>
> Quoting Manuel Kasper <mk at neon1 dot net>:
>
> > On 05.11.2003, at 14:48, Michael C. Ibarra wrote:
> >
> > > I was wondering if anyone has been able to sucessfully connect to
a
> > > Cisco VPN
> > > concentrator from inside of a m0n0wall firewall, using the Cisco
VPN
> > > client
> > > software (windows based)
> >
> > Yep, I can definitely confirm that the Cisco VPN client works behind
> > m0n0wall. I have to use it to get into the network of the university
> > I'm currently studying at from home, and it works like a charm both
> > under Windows and Mac OS X (it's got a UDP tunneling mode, though,
so
> > it should even work with the most braindamaged firewalls ;).
> >
> > > Also, has anyone started to look into deploying and/or
> > > adding vpnc to m0n0? (see below)
> > > http://www.unix-ag.uni-kl.de/~massar/vpnc/
> >
> > Not sure if I would want a client for a commercial/proprietary VPN
> > product in m0n0wall...
> >
> > - Manuel
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch