On Fri, Apr 10, 2009 at 07:18, Mikel Jimenez Fernandez <[email protected]> wrote:
> I only have client mode access possibility, and my question is whether it is
> possible to configure on pfsense a NAT of VPN traffic through the ipsec
> interface for all the hosts of my LAN.

In a word, 'no'. The Cisco concentrator's default client (not tunnel) configuration is by design incompatible with vanilla IPSEC implementations. It pushes a lot of policy and configuration down to the client, not the least of which is a default setting that forces all traffic through the tunnel (preventing LAN communication) and forcefully disconnects the client if the kernel routing table changes. There is one piece of software available (vpnc) that will allow you to break those restrictions and route as you please, but it's not packaged for pfSense. Be careful if you pursue this route - it's pretty noticeable and some companies will terminate you for doing it.
