Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] how to enable ipsec over firewall?
Am Mon, 2002-09-16 um 21.23 schrieb Jochen Staerk:
> Hi List,
> I need to have access to an external cisco VPN 5000 system from a
> windows box through a Suse Linux Masquarading Router (NAT to german
> T-DSL), the Suse Linux is 6.4 with a 2.2er kernel.
>
[...anything that doesn't matter here...]

It will not work!

The problem is, IP protocol 50 (ESP) will not be NATed correctly. There
is only the possibility to use encapsulated ESP (ESP over UDP).
For Windows there is AFAIK only the F-Secure VPN Version 5.40 that
supports ESPoUDP only! against a F-Secure Gateway.

FreeS/WAN has NAT-Traversal in a patch, i think...

regards, good luck,

Erik

>
--
we strongly urge you, to use encryption
http://gnupg.org

"If you think cryptography will solve the problem, then you don't
understand cryptography and you don't understand your problem."

< Previous Next >
Follow Ups
References