 From:  Seth Rothenberg <seth at pachai dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Slightly OT: VPN NAT?
 Date:  Mon, 09 May 2005 17:13:27 -0400 (EDT)
This is a bit off-topic, as the site isn't using m0n0wall (YET! :-)

We have a cluster that needs to use a VPN.
We asked the VPN admin for many addresses, but were
told it is being NAT'd to routable addresses,
so we can only have 2.  After some tests, (*)
I realized the simplest next step would be
to get NATs for 4 addresses.  The remote VPN
manager said, it's no problem to NAT many to 1.

My local VPN manager tells me, VPN NAT is 1:1.

I asked, isn't this similar to
outbound NAT, i.e., infinite to 1?
I was told a VPN is different than a firewall.

If anyone is able to enlighten me,
I would appreciate it.  It's not my job
to be an expert on firewalls/VPNs, but the
more I know about it, the better.
My system is a source and destination for
a few VPNs and there are many more to come.

* - The problem is 2 interfaces on one subnet, which
Google says I can fix by making the second
interface a /32 net - but that will take time,
and I would like resolution on the VPN issue anyway.