Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] how to enable ipsec over firewall?
  • From: Jochen Staerk <jochen.staerk@xxxxxxxxxxxxx>
  • Date: Wed, 18 Sep 2002 08:54:29 +0200
  • Message-id: <3D882325.9010207@xxxxxxxxxxxxx>

Hi List,
I need to have access to an external cisco VPN 5000 system from a windows box through a Suse Linux Masquarading Router (NAT to german T-DSL), the Suse Linux is 6.4 with a 2.2er kernel.

The problem is, IP protocol 50 (ESP) will not be NATed correctly. There
is only the possibility to use encapsulated ESP (ESP over UDP).
For Windows there is AFAIK only the F-Secure VPN Version 5.40 that
supports ESPoUDP only! against a F-Secure Gateway.

FreeS/WAN has NAT-Traversal in a patch, i think...

could you tell me if that patch would be of any use if the protocol can not be natted correctly? And if ESPoUDP is used, how would it work then? Any problems with hardware routers?

regards, good luck,


< Previous Next >