[ previous ] [ next ] [ threads ]
 From:  Alen Stimec <alenstimec at gmail dot com>
 To:  Lee Sharp <leesharp at hal dash pc dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Can please somebode read these post ? ;)
 Date:  Wed, 30 Nov 2005 20:49:30 +0200
Helo !

Thanks For Your reply!!!! courently im using nortel contivity 100 for
these IPSEC.

It is a bit difficult to explain all because i dont have any data from
the VPN end.
What means: they give IPSEc Identifier/preshared key/ and one IP/32
witch have to be setted up in VPN as local Single host.
the connection encription is simple md5/des/df1

So in my nortel settings i have to do:
* Enable IP forwarding
* Make an Addtional IP on eth1 device (the IP they give me)
* And say that IPsec goes out over these IP address /i guess i can
archeive these in static routing in m0n0.

Because i didnt find out on internet if somebode else were able to do
it with other hardware i was not trying...now that i know that
SnapGear did it..i guess we are able to do it also over monowall.

Any other hint, how to put another LAN IP on m0n0 and in upsec for my
destination use these ip?
should i use ServerNAT? proxyArp??!?

thx in advance


2005/11/30, Lee Sharp <leesharp at hal dash pc dot org>:
> From: "Alen Stimec" <alenstimec at gmail dot com>
> > DOES anybode have an idea how to "translate the SnapGear" VPN
> > connection described below to m0n0Wall?
> > Please, i would apreciate a repy to the post..at leas once....
> OK.  I don't know.  :-) That is usually the reason no one responds to a
> message.  The knowledge may be there, but what you presented is a confusing
> mess.  Try reframing the question a bit.
> First, what is the problem you are having?  I just read all three, and
> followed your links, and googled Sabre, and I still don't know what your are
> trying to do, or what the problem is.  All you have is a HowTo from some
> other third party firewall.  Didn't Sabre give you anything at all?
> As for the ip tables stuff...
>          iptables -t nat -I POSTROUTING -d -s
> -j SNAT --to-source xxx.xxx.xxx.xxx
> This is NAT.  We do it in a GUI.  I am not familiar with iptables, but you
> might check http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.txt to
> see what is being done, and then do that in the GUI.
>                         Lee
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Alen Stimec