[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] nat-t and ipsec limitations
 Date:  Thu, 5 Jan 2006 22:01:37 -0500
On 1/3/06, Jeff Buehler <jeff at buehlertech dot com> wrote:
> Hi all -
> I am a little confused about the specific limitations of ipsec tunnels
> in m0n0wall based on the lack of nat-t support in the Freebsd kernel.
> What I need to do is create an ipsec tunnel between two m0n0wall's, and
> then have client workstations(which are NAT'd) behind the first access a
> NAT'd Exchange Server 2003 system behind the other. Will I have problems
> with this,

No.  This doesn't affect site to site IPsec, only IPsec VPN client
machines that are behind NAT.  Like a road warrior scenario with a
laptop connecting back to m0n0wall for remote access.