Mark Huizer wrote:
> I checked google and the m0n0wall mailinglist for something resembling
> my problems, but I couldn't find anything that was close enough.
> We have a vpn gateway at a public IP address (linux, openswan,
> certificates) using IPSEC/L2TP vpns for Windows XP roadwarriors.
> So far so good, works like a charm.
> Now one roadwarrior has a m0n0wall firewall at home, and he cannot get
> the VPN working.
> The setup is basically:
> VPNGW ---- internet ---- m0n0wall ----- Windows XP
> the m0n0wall is doing nat, no firewalling, just a basic 'insert cd,
> configure lan/wan interfaces and dhcp and connect the windows box'
> install. The version is 1.21
> I installed a minimal FreeBSD system (FreeBSD 6.0) with ipfw/natd, to
> make sure that his Windows configuration wasn't the issue, and as to be
> expected: that worked like a charm.
> It seems that somehow the NAT or some other IP related issue at the
> m0n0wall box is causing this vpn connection not to work.
> The VPN gateway sees traffic coming in, some traffic is exchanged but as
> soon as the NAT-T related stuff should kick in, the problems start.
> With tcpdump on the vpngw I see traffic coming in at udp 4500 as
> expected from the windows box, but no replies. The logfiles at the vpngw
> talk about malformed payloads.
> Is this a known problem? Can anyone provide me with some pointers on how
> to solve this issue, or explain why this is a limitation somehow?
I read about this in the documentation a few days ago:
8.1.2. Remote Access IPsec VPN
I wonder if this is the issue that keeps me from connecting to my
m0n0wall via ipsec...
My home Net -- m0n0wall -- the internet -- some nat router -- me wanting
to access my home net
If, and it seems so, the NAT-T issue keeps me/us from connecting, this
is, as already stated, a serious limitation.
Is there any way to get around this?
And, by the way, I'm not in the details, why does PPTP work with the