> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com]
> Sent: Wednesday, March 15, 2006 1:15 AM
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] FW: m0n0wall blocks incoming UDP 500
> On 3/14/06, Polus, Tomasz <tomek at polvision dot com dot pl> wrote:
> > Come on guys, I don't believe m0n0wall working as a NAT gateway cannot
> > pass returning UDP 500 packets....
> Of course it can. That's not the problem. The problem is
> most likely that you don't have NAT-T enabled on the Linksys
> you're connecting to.
Nope. As I stated before, Linux NAT works great in this configuration.
After switching from Linux to m0n0wall - connection cannot be
Me --- Linux NAT --- INTERNET --- Linksys VPN router = YES
Me --- m0n0wall NAT --- INTERNET --- Linksys VPN router = NO
> The process of NAT breaks IPsec unless the terminating
> device supports and has NAT-T enabled. Previously, you may
> have had ESP forwarded to your machine, but ipfilter doesn't
> support anything but TCP and UDP on non-1:1 forwards.
In other words.... Linux can do it, but FreeBSD cannot? Very
Tomasz Polus, Polvision
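
The NAT-T requirement raised in the quoted reply, as an added example that is not part of the original thread: a sketch of the NAT detection step from RFC 3947, in which each IKE peer hashes the addresses and ports it believes are in use and the other side compares them with what actually arrived. The function names, addresses, cookies and the choice of SHA-1 are assumptions made for illustration.

```python
import hashlib
import ipaddress
import struct

def nat_d_hash(cky_i, cky_r, ip, port, algo="sha1"):
    """RFC 3947 NAT-D value: HASH(CKY-I | CKY-R | IP | Port).
    The real hash is the one negotiated in IKE; sha1 is assumed here."""
    blob = cky_i + cky_r + ipaddress.ip_address(ip).packed + struct.pack("!H", port)
    return hashlib.new(algo, blob).digest()

def build_nat_d(cky_i, cky_r, src, dst):
    """Sender side: first payload covers the destination, second the source."""
    return [nat_d_hash(cky_i, cky_r, *dst), nat_d_hash(cky_i, cky_r, *src)]

def check_nat_d(cky_i, cky_r, payloads, seen_src, seen_dst):
    """Receiver side: compare the payloads with the addresses on the packet as it arrived."""
    dst_hash, *src_hashes = payloads
    return {
        "receiver_behind_nat": nat_d_hash(cky_i, cky_r, *seen_dst) != dst_hash,
        "sender_behind_nat": nat_d_hash(cky_i, cky_r, *seen_src) not in src_hashes,
    }

def ike_port_after_detection(result):
    """With NAT-T, peers move to UDP 4500 (ESP inside UDP) once a NAT is detected."""
    return 4500 if any(result.values()) else 500

# Constructed sample values (documentation address ranges, made-up cookies).
CKY_I, CKY_R = bytes(range(8)), bytes(range(8, 16))
CLIENT = ("192.168.1.10", 500)       # private address behind the NAT gateway
NAT_PUBLIC = ("203.0.113.5", 500)    # source address the VPN router actually sees
VPN_ROUTER = ("198.51.100.20", 500)

def demo():
    payloads = build_nat_d(CKY_I, CKY_R, CLIENT, VPN_ROUTER)
    direct = check_nat_d(CKY_I, CKY_R, payloads, CLIENT, VPN_ROUTER)
    natted = check_nat_d(CKY_I, CKY_R, payloads, NAT_PUBLIC, VPN_ROUTER)
    return direct, natted

if __name__ == "__main__":
    for label, result in zip(("no NAT", "source NAT"), demo()):
        print(label, result, "-> UDP", ike_port_after_detection(result))
```

A peer without NAT-T never sends or checks these payloads, so the exchange stays on UDP 500 and the tunnel then depends on plain ESP getting through the gateway.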