IPSec thru NAT
Adam P. Zimmerer
adamz at ECONET.COM
Tue Feb 8 15:15:07 EST 2000
Hello,
I have a situation where an Ascend/Lucent Pipeline 50 is connecting to the
Internet via an ISDN dial-up account. It has NAT enabled and the default
server under NAT settings is the IPSec VPN device which is also the LAN's
default gateway. The Pipe50 is only connected to this device and not the
rest of the LAN. The LAN users get all other types of traffic (i.e. HTML,
IKE, POP3, SMTP, etc.) but the IPSec packets get dropped, as the Pipe50's
NAT software does not know what to do with them. (There is no firewall on
the Pipe50.)
I know the easiest solution is to turn off NAT and get multi-host static or
dynamic - dial-up or dedicated Internet access but the money people don't
want to spend the extra money if at all possible.
Does anyone know of an ISDN router that will pass IPSec packets through NAT?
Take care,
Adam Zimmerer
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list