[ previous ] [ next ] [ threads ]
 
 From:  Adrian Wiesmann <awiesmann at swordlord dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Emailaddress as identifier. WAS: RE: Cisco VPN Client behind m0n0wall or on it
 Date:  Wed, 5 Nov 2003 23:06:01 +0100
> My room-mate runs a Cisco VPN Client from m0n0wall DMZ interface to an
> external VPN server.
> 
> For that to work I just had to add "allow fragmented packets" in the
> DMZ-to-WAN rule.

The same works positively going from LAN to WAN with Netscreen Remote
client software.

Another question: 

Is it possible to add the EMailaddress as an option at the "My identifier"
input field in the Phase 1 proposal section in the IPSec configuration
screen? (Besides my IP address, IP address and domainname?)

This would lead to this line here:

> my_identifier user_fqdn "sakane at kame dot net";

Which would allow to at least remove the Netscreen software from the
clients.

Regards,
Adrian