[ previous ] [ next ] [ threads ]
 
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSec Pass-Through
 Date:  Sun, 14 Jan 2007 15:30:38 -0500
On 1/14/07, Brad D. <Support at thedempsnetwork dot com> wrote:
>
> #4 Checked and saw that NAT-T is NOT enabled on the Nortel concentrator at
> my work. From what I have read, if this was on I would have no troubles.
>

Yes, the ideal solution, and maybe the only one that'll work, is to
enable NAT-T on the concentrator.

The other thing I'd suggest trying is enabling advanced outbound NAT
and creating a NAT rule using the "disable port mapping" option so the
source ports don't get re-mapped.  Some VPN concentrators don't work
unless you do this.

-Chris