On 3/14/06, Polus, Tomasz <tomek at polvision dot com dot pl> wrote:
>
> Come on guys, I don't believe m0n0wall working as a NAT gateway cannot
> pass returning UDP 500 packets....
Of course it can. That's not the problem. The problem is most likely
that you don't have NAT-T enabled on the Linksys you're connecting to.
The process of NAT breaks IPsec unless the terminating device
supports and has NAT-T enabled. Previously, you may have had ESP
forwarded to your machine, but ipfilter doesn't support anything but
TCP and UDP on non-1:1 forwards.
-Chris