On Sun, Mar 05, 2000 at 10:02:01AM -0600, Pat Hayden wrote:
> RE: VPN software behind ipchainsI tried to setup ipchains with the firewall
> wide open, and allowed ALL traffic to and from the network. BUT, I suspect
> that somehow IPSEC checksums are being corrupted in the process of NAT,
> because even with the firewall wide open, I could not get a connection. If
> I wanted the extranet connection full time, I would look into setting up the
> firewall for branch tunnelling, but what I really need is an on-demand
> solution.
I am usually using TCP based VPN solutions in case of NAT setups. Especially
if you need to do reverse-NAT through a masquerading gateway. tunnelv,
ppp-over-ssh and some others are good for this. UDP based CIPE should work,
too.
For Linux there is a PPTP Masquerading support...
Greetings
Bernd
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
