Re: [Astlinux-users] Forwarding IPsec traffic through Astlinux

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Ah thanks Lonnie. I think I might have read it once but it didn't cross my mind.
I probably need to enable it somewhere too on the terminating device.

Regards
Michael Knill

On 24/8/20, 9:00 am, "Lonnie Abelbeck" <li...@lo...> wrote:

    Michael,

    Remember if IPsec NAT traversal is enabled, UDP 4500 is used.

    4500/udp - NAT traversal

    Lonnie

    > On Aug 23, 2020, at 5:20 PM, Michael Knill <mic...@ip...> wrote:
    > 
    > Hi Group
    >  
    > I don't think I'm doing this correctly and its not working. And yes I realise that Astlinux can terminate IPsec but this is easier (if it works) as the device is already configured.
    > Here is what I am doing:
    > NAT EXT->DMZ UDP 0/0 500 Dest: 192.168.200.2
    > Pass EXT->DMZ ESP 0/0 Dest: 192.168.200.2                       
    > Pass EXT->DMZ AH 0/0 Dest: 192.168.200.2
    > Default Policy for DMZ to EXT: Pass DMZ->EXT
    >  
    > Thanks so much.
    >  
    > Regards
    > Michael Knill
    > _______________________________________________
    > Astlinux-users mailing list
    > Ast...@li...
    > https://lists.sourceforge.net/lists/listinfo/astlinux-users
    > 
    > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

    _______________________________________________
    Astlinux-users mailing list
    Ast...@li...
    https://lists.sourceforge.net/lists/listinfo/astlinux-users

    Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....