[ previous ] [ next ] [ threads ]
 From:  Nicolai Scheer <scope at planetavent dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSEC and NAT-T
 Date:  Thu, 09 Mar 2006 21:56:20 +0100

I think, I did not understand the ipsec nat-t issue correctly...

Let us assume the following configurations:


Homenet - m0n0 - internet - nat-router - roadwarrior



Homenet with 3rd party vpngw - m0n0 - internet - nat-router - roadwarrior

To my mind, nat-t is needed in setup b) where the roadwarrior tries to
connect to a vpn-gateway behind m0n0wall.

Setup a) is what I did not manage to get running. Why is nat-t needed here?
Is setup a) possible with m0n0 1.21?

The documentation says

"m0n0wall does not support NAT-Traversal (NAT-T) for IPsec, which means
if any of your client machines are behind NAT, IPsec VPN will not work."

Which client? The roadwarrior, or some client behind a m0n0wall trying
to connect to some remote vpn-gateway?

Hopefully someone can enlighten me :)

Thanks in advance,

signature.asc (0.8 KB, application/pgp-signature)