|
||||||||
> My room-mate runs a Cisco VPN Client from m0n0wall DMZ interface to an > external VPN server. > > For that to work I just had to add "allow fragmented packets" in the > DMZ-to-WAN rule. The same works positively going from LAN to WAN with Netscreen Remote client software. Another question: Is it possible to add the EMailaddress as an option at the "My identifier" input field in the Phase 1 proposal section in the IPSec configuration screen? (Besides my IP address, IP address and domainname?) This would lead to this line here: > my_identifier user_fqdn "sakane at kame dot net"; Which would allow to at least remove the Netscreen software from the clients. Regards, Adrian |