IPSec NAT traversal and kernel >= 2.5.45
Hi list,

I did not find anything reliable while googling, so I'll ask you.

Assuming you've IPSec-VPN gateways that are behind NATing routers (which are not yours), you'll need a NAT Traversal patch for FreeS/WAN IPSec to tunnel the VPN traffic, because the NAT modifies the packets and unpatched FreeS/WAN won't work properly then.

---------------  -----------------
| VPN Gateway |--| NATing Router |--- Internet ---|
---------------  -----------------                I
                                                  N
                                                  E
---------------  -----------------                T
| VPN Gateway |--| NATing Router |--- Internet ---|
---------------  -----------------

ASCII art - isn't it :O?

Does the new implementation of IPSec in kernel >=2.5.45 include such a mechanism, or do I have to patch those kernels too?

Thx in advance
Michael
So does this imply that I also need a NAT Traversal Patch for GRE for my problem to get PPTP to work? My network looks the same as the network in your art (^^), but my VPN gateway is a PPTP box. My kernel is 2.4.10, stock SuSE 7.3.

What's strange is that things were working fine before I rebooted the box. I can install 8.1 if people think that will save a lot of problems.

Thanks a lot!
Brian
Participants (2): Brian Topping, GentooRulez