I had responded apparently about the same time you did, but mine was suggesting to use the ipsec.o module (filename incomplete). Wouldn't that allow the pass through, i thought that was the intent of the module. or is it specifically for ipsec type pass through ONLY. in that case, how does a VPN differ from IPSec? i thought creating the vpn was the result of configuring IPSec?
joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Newmiller Sent: Saturday, December 21, 2002 11:28 AM To: Colin Helliwell Cc: Colin Helliwell; [EMAIL PROTECTED] Subject: Re: [leaf-user] Need help with Cisco VPN client through (Dachstein) LRP On Sat, 21 Dec 2002, Colin Helliwell wrote: > I have an LRP box (running a Dachstein distribution) which has been working > fine for months doing the 'basic' internet access stuff. I now have a Cisco > VPN client installed on my company laptop and am having trouble getting it > to work through the router to the company server - it is currently failing > in the initial 'IKE' negotiation phase, from what I can tell. > Could anyone please advise on what configuration changes would be needed to > LRP and its filter rules etc to get it connecting? The client software is > configured to use UDP rather than TCP. I have looked at a load of howto's > and previous postings, but they mostly seem to refer to when the router box > is one end of the VPN which I don't think applies in my case - I just need > it to route the traffic between my client and company server. > > Any advice much appreciated. I don't think IKE is supported for masquerading. The problem is that it encodes the network information for the client inside the protocol, and that protocol is proprietary so it is not possible to make masquerading module to support forwarding that traffic. The Cisco is seeing your private addresses inside the encrypted packets and giving up on you. Get your admins to enable IPSec or make your connection from outside your network. --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- ------------------------------------------------------- This SF.NET email is sponsored by: Order your Holiday Geek Presents Now! Green Lasers, Hip Geek T-Shirts, Remote Control Tanks, Caffeinated Soap, MP3 Players, XBox Games, Flying Saucers, WebCams, Smart Putty. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This SF.NET email is sponsored by: Order your Holiday Geek Presents Now! Green Lasers, Hip Geek T-Shirts, Remote Control Tanks, Caffeinated Soap, MP3 Players, XBox Games, Flying Saucers, WebCams, Smart Putty. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
