[ previous ] [ next ] [ threads ]
 From:  "Andreas Gracco" <A dot Gr at ims dot ch>
 To:  "Falcor" <falcor at netassassin dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] Why IPSec VPN
 Date:  Thu, 17 Jun 2004 10:03:06 +0200
Hmmm, ok.
But on other firewalls like sonicwall i everytime terminate the tunnel on the LAN interface!
Is this possible why sonicwall supports IPSec NAT traversal and m0n0 not?

I have 2 IPSec VPN tunnels between m0n0walls and sonicwalls, on the m0n0wall the tunnel is
terminated on WAN and on Sonicwall it is terminated on LAN!


-----Ursprüngliche Nachricht-----
Von: Falcor [mailto:falcor at netassassin dot com]
Gesendet: Mittwoch, 16. Juni 2004 17:58
An: Andreas Gracco
Cc: m0n0wall at lists dot m0n0 dot ch
Betreff: Re: [m0n0wall] Why IPSec VPN

It only works one way because the remote site can not "see" your 
internal interface.. E.g. the firewall is doing its job.  You must 
terminate VPN tunnels on IP addresses that can see one another, this is 
very "normal."

Andreas Gracco wrote:

>Why do my IPSec VPN's only work if the local endpoint is my WAN interface?
>I think this isn't normal! 
>If i set the local endpoint to LAN it works only one way! (from LAN behind m0n0 to remote)
>But there are no blocked connections in the log....
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch