[ previous ] [ next ] [ threads ]
 From:  "Nico de Haer" <nico dot dehaer at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSec and NAT
 Date:  Fri, 23 Jun 2006 08:05:32 +0200

Is it possible to connect two LAN's over the internet with the follwoing
(somewhat mandatory in my case) setup? Apologies for my ASCII art :)

[LAN A]-----[m0n0wall A]-----[ADSL router A]----{The internet]-----[ADSL
router B]]-----[[m0n0wall B]-----[LAN B]

Some notes on the above:

* Both routers do NAT
* Public IP adresses for both routers are assigned by DHCP (the leasetime is
very long, so no problems there)
* None of the used LAN segments overlap

I'm hoping to do IPSec but reading the manuals suggests that I'm in trouble
due to the NAT-T issue? If so, is there an elegant and secure way to connect
both LAN's? I do have some experience with IPSec and m0n0wall (have placed
several boxes now doing IPSec but they are all directly connected to the
internet) and I'm very pleased (even compared to some commercial
'solutions') with them!

Thank you for your help!


Nico de Haer