On Wed, May 14, 2008 at 11:22 AM, John Smith
<john at privateproductivity dot com> wrote:
> I should clarify... Both ends of the VPN will be behind firwalls (so I think
> IPsec won't work).
It can work behind another firewaii, in one of two ways.
a) From the upstream firewall, forward to the m0n0wall: UDP port 500,
ESP (IP protocol ID 50) and AH (IP protocol ID 51).
b) Use latest 1.3b m0n0wall, enable NAT-Traversal in the tunnel config
and forward only UDP port 500 to the m0n0wall.
I am using method a) at two different sites, and some other people on
the list have reported using NAT-T successfully.