On 14.11.06 12:09 -0800, Michael A. Alderete wrote:
> It is my understanding from reading the manual and the list
> archives that m0n0wall does not support NAT-Traversal, and so you
> cannot use VPN software through a m0n0wall box.
That's not true. m0n0wall only cannot act as an IPsec VPN endpoint
with NAT-T at this time, but that doesn't stop you from using other
VPN clients/servers that do. In fact, Cisco VPN clients work very
well behind m0n0walls (I use one myself as well) - often even without
> That is, this configuration cannot be made to work:
> PowerBook w/ <--> m0n0wall <--> (internet) <--> Central Office w/
> Cisco VPN using Cisco VPN
> Client NAT Server
This should work just fine.
> P.S. Are there any plans to do away with the lack of NAT-Traversal?
> From my reading, it sounds like it would require moving off of
> FreeBSD 4.x. But as security requirements continue to be raised, it
> seems like it's kind of important to allow people to use their work
> VPN connections. --
FreeBSD 6.x will bring us NAT-T support for IPsec VPN tunnels
terminated on m0n0wall itself.