Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] VPN masquerading
>thanks for your help, but as far as i see these settings are for a vpn
>endpoint *at* the firewall (firewall == vpn server, otherwise i wouldn't
>have an ipsec0 interface (or am i missing something)). what i try to
>is forward the vpn to a masqueraded server (i.e. a server with a private ip
>address). the variant vpn server == firewall would work, but sadly is not
>option for our configuration.

Sorry for misunderstanding your problem. As some of the follow ups already
describe the are patches for the kernel and the freeswan sources to go
such a NATing gateway.

I run such a patch that does what i expected. My working example goes as

subnet1 ---

I choosed:

kernel 2.4.18 from
freeswan 1.97 from

and patch from and all works fine after some hours :O)



< Previous Next >