Nating to Ipsec adress (m0n0 as VPN client)

From:	"Fractalyzor" <fractalyzor at home dot se>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Nating to Ipsec adress (m0n0 as VPN client)
Date:	Fri, 18 Feb 2005 11:29:57 +0100

Hi

I'll would like to use the M0n0Wall a bit diffrently than it supposed to to be used (if possible).

I have a M0n0 on the inside of our natted net, and made and ipsec tunnel from this to our customer, 

If I connect to the lan side I can connect to the customers net, and If I use the buildin PPTP
server I can connect to their net.
So the ipsec tunnel works perfect.

But what I would like is no "Nat" a couple of ports, ex VNC 5900, so I can use VNC and set the Ip
adress to the WAN address of the M0n0(172.57.0.250) , and get the data toreach and come back my my
vnc client&.

Or even do a 1:1 nating.


Our internal LAN: 172.57.0.X/24
IPSEC M0n0 WAN 172.57.0.250
IPSEC Mono Lan 172.18.0.1/24
Ipsec (from IPSEC M0n0 LAN)tunnel 130.26.x.x/16
My Client at 172.57.0.X

The problem is that I can't put the m0n0 as OUR firewall, due to problem with PPTP and cisco vpn
from multi to multi and same.

Any help is appreciated.


/Fredrik