Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
RE: [suse-security] FreeS/wan trough NATing Router
>You may be able to get manually keyed ESP in tunnel mode to work, but
that's
>suboptimal from a management and security perspective.

Saw websites that recommend this configuration, but it wont work for me as
well.

>The other thing that some people think of as a solution to this problem is
called NAT traversal.
>There's a patch to FreeS/WAN that enables it. It's pretty much a dirty
hack,
>if you ask me, much like NAT is a dirty hack, too.

Yep, this could be the solution. Already found this NAT-T patch. Any
experiences ???

>Are you forced to have NAT take place on that outer router?

??? Its not my router and they had enabled NTA as a kind of "security" :O)

>Cheers,Tobias

Thx a lot Michael

PS: I read something about your secunet on tickers. freeS/wan ipsec for the
certified by RegTP boxes ?
Nice !



< Previous Next >