[VPN] Completely transparent VPN between NATed sites
Ryan Malayter
rmalayter at bai.org
Mon Aug 18 11:27:22 EDT 2003
Almost and IPsec device can do it. We've used both SonicWall and Nokia/Checkpoint devices.
All we did was set up a security association for the remote private network, using its public address as the Ipsec gateway. We did the same thing on the other device, and both talk to each other just fine. Basically, the gateway address doesn't have to bear any relationship to the network in an SA.
-----Original Message-----
From: Sam Wun [mailto:samwun at yahoo.com]
Sent: Saturday, August 16, 2003 1:03 AM
To: Ryan Malayter; vpn at lists.shmoo.com
Cc: VPN at lists.shmoo.com
Subject: RE: [VPN] Completely transparent VPN between NATed sites
How can you do that? what product do you used to set it up? Is there any tech doc I can find?
thanks
sam
Ryan Malayter <rmalayter at bai.org> wrote:
We have just such a setup, and every protocol or application I've tried has worked fine. To the machines on each netowrk, the VPN tunnel look just like a plain old "pass-everything" router.
-----Original Message-----
From: René Matthäi [mailto:matthaei at gmx.de]
Sent: Friday, August 15, 2003 5:00 AM
To: vpn at lists.shmoo.com
Subject: [VPN] Completely transparent VPN between NATed sites
Hi,
do you think it is generally possible to run a setup such as
LAN-A ----- FW/NAT =====(internet)===== FWL/NAT ----- LAN-B
192.168.1.x 192.168.2.x
so that _everything_ works, including FTP, LDAP, H.323...?
I mean, practically possible :-)
I am interested in both suggestions for specific hardware and also
especially the OpenSource solutions FreeS/WAN, KAME and builtin ipsec
under the *BSDs.
Greetings,
René
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpnom
http://lists.shmoo.com/mailman/listinfo/vpn
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
More information about the VPN
mailing list