[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Antw: RE: [m0n0wall] IPSec-Client behind NAT??
 Date:  Tue, 25 Jan 2005 13:50:42 -0500
Christian ERDT wrote:
 > Hi !!
 > The vpn Server is a m0n0wall (at home) ...
 > i will connect from office ... (behind NAT)
 > i can  connect with the ipsec client ....
 > but i can not ping a client behind the m0n0wall
 > when i hab a public IP (without nat) i can ping all clients behind the
 > m0n0wall with the same settings

That's because FreeBSD doesn't support NAT-T, which is required for
IPsec to work behind NAT on the remote end.

Unfortunately, there's no way to fix that at this point.  OpenVPN,
which is in the current beta versions, might be a good solution.