|
||||||||||
bimbo wrote: > James W. McKeand ha scritto: >> Aaron with Morad wrote: >> >>> Nevermind, found in the documentation that IPsec through m0n0 >>> doesn't work. >>> >>> http://doc.m0n0.ch/handbook/ipsec.html >> >> >> It is not as much as an "IPSec through m0n0" as much as it is an >> "IPSec through NAT" issue. It does not matter if it is a m0n0wall, >> Linksys box, or anything else doing the NAT - IPSec does not handle >> NAT well (unless NAT-T in involve - i.e. NAT Transversal). > > Mmmm... > If I set two monowall box (one at home, one at office) I can't use vpn > ipsec? > > samba-----switch-------monowall------router-----internet------router---- --monowall-----samba > > Is it not possible ? > > Samba is a machine of LAN connected to a switch. > monowall is connected to the same switch of samba througth LAN > inteface. A point to point IPSec VPN is slightly different than a remote access IPSec VPN - sometimes called a mobile user VPN. M0n0wall to m0n0wall IPSec will work - as will m0n0wall to Cisco or m0n0wall to Smoothwall, etc. The m0n0walls will handle the connection. Using an IPSec VPN software client (SafeNet SoftRemote for example) ***WILL*** have problems connecting to a m0n0wall IPSec VPN from behind a NAT. (per http://doc.m0n0.ch/handbook/ipsec.html#id2598274) I have had success with using Netgear's VPN client (branded SafeNet SoftRemoteLT) to access SonicWalls and Netgear VPN routers from behind my m0n0wall. Those SonicWalls and Netgears handle NAT-T appropriately - apparently m0n0walls don't handle NAT-T appropriately. _________________________________ James W. McKeand |