Probably he should configure iptables to do forwarding for the IPSEC IP protocols, e.g. ESP (-p 50) and AH (-p 51)
On Fri, 2007-08-10 at 13:48 -0400, Brad Wheeler wrote: > I appreciate the response, thank you, I hope I am not being too thick, so > humor me if you will. > > The VPN Router is most defiantly behind NAT using PAT (I would assume), I am > concerned that I might be seeing the effect of the IPSEC implementation > being used, where it is attempting to transmit only the ESP with a SPI, > therefore there is no defined destination port in the packet, and I am > unsure if Wisp-Dist supports a mechanism (or for that matter if one > exists) to decipher the correct destination, since it would appear that the > administrator has simply applied port forwarding for incoming data on 500 > and 443 to the static local IP of the VPN router. Thanks again.. > > > -BW > > > > > On 8/10/07, Vladimir Ivashchenko <[EMAIL PROTECTED]> wrote: > > > > > > I would presume that you are behind NAT? You can configure static > > reverse NAT if you are establishing VPN from the same internal IP. > > > > On Fri, 2007-08-10 at 12:35 -0400, Brad Wheeler wrote: > > > I need some help understanding whether or not WISP-Dist is able to > > > pass-through IPSEC or PPTP VPN traffic. I am attempting to connect to a > > VPN > > > router (RV042) behind a WISP-Dist that I have no ability to administer > > and > > > can only suggest modifications. When I currently attempt to establish a > > VPN > > > connection using IPSEC over port 443, (Linksys QuickVPN client) I am > > > successful to a point where ESP (Encapsulated Security Payload) is sent, > > at > > > that point I receive back ICMP responses of (Destination Unreachable: > > > Protocol Unreachable). This is leading me to believe that pass-through > > of > > > this protocol is not possible, but before I attempt PPTP (which I hope > > is > > > supported ??) I wanted to see the response from the mailing list. > > Thanks.. > > > > > > > > > -BW > > > > > ------------------------------------------------------------------------- > > > This SF.net email is sponsored by: Splunk Inc. > > > Still grepping through log files to find problems? Stop. > > > Now Search log events and configuration files using AJAX and a browser. > > > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > > _______________________________________________ > > > leaf-wisp-dist mailing list > > > leaf-wisp-dist@lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/leaf-wisp-dist > > -- > > Best Regards, > > Vladimir Ivashchenko > > Chief Technology Officer > > PrimeTel Cyprus - www.prime-tel.com > > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > leaf-wisp-dist mailing list > leaf-wisp-dist@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-wisp-dist -- Best Regards, Vladimir Ivashchenko Chief Technology Officer PrimeTel Cyprus - www.prime-tel.com ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ leaf-wisp-dist mailing list leaf-wisp-dist@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-wisp-dist
