Hello tefol, Friday, September 19, 2003, 4:42:22 PM, you wrote: tt> Is it possible to set up a VPN from a workstation using a VPN slinet (such tt> as SSH Sentinel) if that workstation is NAT'd? tt> Even if it is a one to one static NAT? I don't think so. But what you _can_ do with isakmpd is to set up a tunnel from the NAT machine to the client and another from the NAT machine to your other host. The weak point is that: 1) You're loading your NAT machine doing encryption. 2) You're doing encription twice. But if you trust you're location wire, then you only need to encript just once, but it's still load on the NAT machine. You can but a $80 VPN accelerator card from http://www.soekris.com that, even thou I haven't used it, really speed things up.
-- Best regards, Alejandro G. Belluscio
