[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Antw: RE: [m0n0wall] IPSec-Client behind NAT??
 Date:  Tue, 25 Jan 2005 13:50:42 -0500 
Christian ERDT wrote:
 > Hi !!
 >
 > The vpn Server is a m0n0wall (at home) ...
 >
 > i will connect from office ... (behind NAT)
 >
 > i can  connect with the ipsec client ....
 >
 > but i can not ping a client behind the m0n0wall
 >
 > when i hab a public IP (without nat) i can ping all clients behind the
 > m0n0wall with the same settings
 >

That's because FreeBSD doesn't support NAT-T, which is required for
IPsec to work behind NAT on the remote end.
http://m0n0.ch/wall/list/?action=show_msg&actionargs%5B%5D=79&actionargs%5B%5D=36

Unfortunately, there's no way to fix that at this point.  OpenVPN,
which is in the current beta versions, might be a good solution.

-Chris