[ previous ] [ next ] [ threads ]
 From:  "Brad D." <Support at TheDempsNetwork dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  IPSec Pass-Through
 Date:  Sun, 14 Jan 2007 13:57:04 -0500
I am attempting to connect to a Nortel VPN concentrator at my work via the
Contivity client on my laptop. I am making this connection from behind my
monowall which acts as my home router. I am able to authenticate, but am
unable to pass any data over the VPN tunnel. Here is what I have done to try
to correct this:

#1 Replaced my monowall with a regular 4 port Linksys I had laying around.
Still could not pass data. Same symptoms as the monowall.

#2 Turned on "IPSec Pass-through" on Linksys router. Was able to
successfully connect via Nortel Contivity client.

#3 Put the monowall back up and enabled "Allow fragmented packets" on the
firewall rule that allows the laptop to go to the internet. Still no data
getting passed.

#4 Checked and saw that NAT-T is NOT enabled on the Nortel concentrator at
my work. From what I have read, if this was on I would have no troubles.

#5 Checked the "Allow fragmented IPSec packets" on the Advanced screen. No
dice. I think this is for the built in IPSec VPN server on monowall anyway
and not for IPSec clients. I am not using any IPSec features on the
monowall, but I do have it enabled as a PPTP server.

So the bottom line is that this "IPSec Pass-Through" looks like what I need
to enable. I would have to assume that the monowall, being infinately more
powerful than my crappy Linksys, would be able to support such a feature. I
also would assume that it wouldn't just be a checkbox like it is on the
Linksys. Any assistance would be appreciated.

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.432 / Virus Database: 268.16.10/625 - Release Date: 1/13/2007
5:40 PM