It has been my experience that VPN's don't work through any kind of NAT connection. From what I understand it breaks the packet checksum when the destination address is changed in the header. If I am incorrect, please correct me - I hate to mis-inform ;-)
>>> "tefol tefol" <[EMAIL PROTECTED]> 9/19/2003 2:42:22 PM >>> I don't know if this is the right place for all of this, but I can't seem to get any info about this from anywhere, and I am hoping that the knowledgable folk on this list might be the ones who know. Is it possible to set up a VPN from a workstation using a VPN slinet (such as SSH Sentinel) if that workstation is NAT'd? Even if it is a one to one static NAT? SSH Sentinel has sa check box saying tick this for this function, but only if the device the client is connecting to supports the feature. From all I can see, isakmpd doesn't support this feature. There is one question I have that is very pertinent to this group, though. How do I specify the encap interfaces in pf.conf? I need to to setup security policies, don't I ? Thanks and regards, Tefol _________________________________________________________________ Need more e-mail storage? Get 10MB with Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es
