[Masq] Re: SecuRemote IP-IP Masquerade?

Thu, 2 Sep 1999 04:37:04 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */



> Date: Wed, 1 Sep 1999 18:30:49 -0400
> From: Justin Wienckowski <[EMAIL PROTECTED]>
> Subject: [Masq]  SecuRemote IP-IP Masquerade?
> 
>   I'm attempting to run SecuRemote VPN software on a Windows workstation
> that's behind a Linux firewall.  Problem here is that the SecuRemote client
> software wants to use IP-in-IP packets (protocol 94), which the Linux
> firewall can't masquerade.
> 
>   My internal Windows workstation is IP 10.10.1.113, so plain routing
> doesn't help.  I was wondering if anyone's had success using SecuRemote
> in a similar setup or if anyone has written a masquerading module for
> linux that handles protocol 94.
> 

I had asked a similar question a month or so ago, about a product that
Sun puts out for Solaris and Win32 (SunScreen Skip), only they use
protocol 49, or something like that, and got no real help on it...
someone suggested ipfwd (can't find the URL now, somewhere at MIT (big
help, I know)) in combination with some of the PPTP patches, but we
could never get those working.  Doing a snoop on both sides of the
linux machine definatly showed that it entering in, but never leaving,
so it definatly was a linux based problem (bot sure if it was a masq
problem, or not, though)...

I ended up using ppp over ssh (from the VPN mini-howto) in combination
with some IPMASQ to implement our VPN instead...

I would be interested to know whether anyone does get some product
like this working, however...  

-- 
 +--------------------------------+-------------------------------+
 | In the stream of consciousness | Lines In The Sand, taken from |
 | There is a river crying        |        Dream Theater's        |
 | Living comes much easier       |     Falling Into Infinity     |
 | Once we admit  We're dying     |                               |
 +--------------------------------+-------------------------------+
                Michael Burstin: [EMAIL PROTECTED]
                  http://www.cs.brandeis.edu/~mikeb/
Coalition Against Unsolicited Commercial Email: http://www.cauce.org


_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to