[ previous ] [ next ] [ threads ]
 From:  Jeff Buehler <jeff at buehlertech dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  nat-t and ipsec limitations
 Date:  Tue, 03 Jan 2006 18:33:36 -0800
Hi all -

I am a little confused about the specific limitations of ipsec tunnels 
in m0n0wall based on the lack of nat-t support in the Freebsd kernel.  
What I need to do is create an ipsec tunnel between two m0n0wall's, and 
then have client workstations(which are NAT'd) behind the first access a 
NAT'd Exchange Server 2003 system behind the other. Will I have problems 
with this, and if so is there a way around it using M0n0wall?  Right now 
the client platforms have the VPN provided to them by a Win 2003 server 
via PPTP to m0n0wall which works fine, but I need the non-M0n0wall 
network to be behind a firewall/router.  If not possible with M0n0wall 
on both sides, any suggestions (PfSense, IPCop, etc.)?  If no one knows 
off the top of their head, no problem, I will set up a little test 
scenario and find out...