Oh thanks!!
So with vpnc and nating in tun0 will be possible?
Thanks
RB wrote:
On Fri, Apr 10, 2009 at 07:18, Mikel Jimenez Fernandez
<mi...@irontec.com> wrote:
I only have client mode acces posibility, and my question is if is that
possibloe to configure this on pfsense a nat vpon traffic through ipsec
interface for al the hosts of my LAN.
In a word, 'no'. The Cisco concentrator's default client (not tunnel)
configuration is by design incompatible with vanilla IPSEC
implementations. It pushes a lot of policy and configuration down to
the client, not the least of which is a default setting that forces
all traffic through the tunnel (preventing LAN communication) and
forcefully disconnects the client if the kernel routing table changes.
There is one piece of software available (vpnc) that will allow you to
break those restrictions and route as you please, but it's not
packaged for pfSense. Be careful if you pursue this route - it's
pretty noticeable and some companies will terminate you for doing it.
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
