Re: [Ipsec-tools-devel] Ongoing problems with ipsec-tools and D-LINK 624
Brought to you by:
mit_warlord,
netbsd
From: Marcus L. <ml...@no...> - 2005-09-08 16:58:10
|
Matthias Scheler wrote: > >It sounds like it doesn't even allow one. ;-) > Seems to work for my Contivity client, for whatever that's worth. It's only ipsec-tools that seems to cause it to go running home to momma. > >And you don't need VPN passthrough for multiple IPsec clients anyway. >Outgoing UDP on ports 500 and 4500 is good enough. I've succesfully >run (for testing purposes) two VPN clients behind a Netgear WGU624 >which was not configure to suppport IPsec at all. > > Kind regards > > > Perhaps I'll give that a try--turn off VPN passthrough entirely, and allow 500 and 4500 to be let through. I think it would depending on how the NAT works for UDP. Clearly, two clients trying to negotiate IKE at the same time could concievably confuse the NAT. -- Marcus Leech Mail: Dept 1A12, M/S: 04352P16 Security Standards Advisor Phone: (ESN) 393-9145 +1 613 763 9145 Advanced Technology Research Nortel Networks ml...@no... |