[ previous ] [ next ] [ threads ]
 From:  Wilko Lunenburg <w dot lunenburg at kanteff dot nl>
 To:  "M0n0wall (E-mail)" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  ipsec tunnel with monowall behind nat-router
 Date:  Wed, 7 Sep 2005 17:23:54 +0200
Is is possible to make the following setup work. I am trying to make a ipsec
tunnel to a monowall that is behind a adsl router doing nat. This is the

 ------      ------      ------
 | pc  |     |mono |     |router
 | 1   |-----|wall |-----| NO  |
 |     |     |1    |     | nat |
 ------      ------      ------
                          | WITH|
                          | nat |
                          |mono |
             -------------|wall |
             other lan    |2    |

Just in case it is important, here are the ip-addresses:

pc 1 is on and it uses Safenet Softremote VPN client software.

monowall 1 is on and on (internet side) and it
connects to a router on Both ip-addresses are direct on the

The router on the other side (WITH nat) has (internet side) and on the inside. It has a "default server" setting that should
forward everything to a server on the inside, in this case the monowall 2.

monowall 2 is on and on the local LAN side it is on

Now what is think is that the router WITH nat is the problem because it
changes the ip-address to with the packets are sent. I configured the VPN
client to connect to but the monowall actually is on Is there a way to make this work? Any pointers to documents, my
searches around the net didn't help...


Wilko Lunenburg