|
||||||||
On 4/25/07, Aaron Cherman <aaronc at morad dot ab dot ca> wrote: > I'm running 1.3b1 with nothing special other than outbound NAT enabled, and a number of VLANs. > > I gave a customer that is trying to connect to an IPsec server behind our NAT. If I set him up to use one of our 1:1 public IPs everything works fine. If I set him up behind our NAT (10.61/16) it will not connect. > > I know about the limitations of m0n0wall and NAT-T. Which don't exist as of one of the 1.3 versions. Maybe not until 1.3b2 though. Regardless, that only comes into play when m0n0wall is the IPsec endpoint. If you disable source port re-mapping (see advanced outbound NAT) it may fix it. -Chris |