IPsec passthrough! but how?

Hello everybody!

Is there any chance to get IPsec passing through MT?

My setup is as follows:

Client - MT - WAN - Router (remote) - Firewall - Server
|--------- IPSEC -----------------------------|

The Client is a Windows XP Pro with SonicWall, MT has RouterOS 2.8.20.

I think NAT-Traversal should be activated, but where and how can I do that?

Thanks for your help in advance!
kind regards, alex

IPSec (and PPTP for that matter, as well as EoIP), uses the GRE Protocol. You cannot NAT GRE.

If the MT Box has an IP that can be seen by the Firewall, terminate the VPN on the MT. Both endpoints of a tunnel must be able to communicate with each other without re-writing any source or destination address in the IP packet.


C

There’s nothing to do on the MT box. However, NAT-T must be supported and turned on at the firewall and the VPN client. This will encapsulate the IPSEC ESP/AH packets in either TCP or UDP packets that will cross a NAT device.

PPTP uses GRE. I’ve got this running across NAT devices without problems.

Regards

Andrew
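
To check in a packet capture whether NAT-T is actually in effect, as the last reply describes, the following added example (not part of the thread) classifies raw IPv4 packets by how they carry the VPN payload. It assumes the standardized UDP encapsulation of RFC 3948 (UDP port 4500) with IKE on UDP 500; the function names, addresses and sample packets are constructed for illustration.

```python
import struct

NATIVE = {47: "GRE", 50: "ESP", 51: "AH"}  # IANA IP protocol numbers
IKE_PORT, NATT_PORT = 500, 4500            # RFC 3947 / RFC 3948 UDP ports

def classify(packet: bytes) -> str:
    """Say how one raw IPv4 packet carries its VPN payload."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    if proto in NATIVE:
        return "native-" + NATIVE[proto]   # no ports for a NAT to track
    if proto != 17 or len(packet) < ihl + 8:
        return "other"
    sport, dport, ulen = struct.unpack("!HHH", packet[ihl:ihl + 6])
    payload = packet[ihl + 8:ihl + ulen]
    if IKE_PORT in (sport, dport):
        return "ike-udp500"
    if NATT_PORT not in (sport, dport):
        return "other"
    if payload == b"\xff":
        return "natt-keepalive"            # single 0xFF byte keeps the NAT mapping alive
    if payload[:4] == b"\x00" * 4:
        return "ike-udp4500"               # non-ESP marker: four zero bytes, then IKE
    if len(payload) >= 8:
        return "esp-in-udp"                # non-zero SPI and sequence number follow the UDP header
    return "other"

def ipv4(proto: int, body: bytes) -> bytes:
    """Constructed minimal IPv4 header (checksum left at 0) around body."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto, 0,
                       bytes([192, 168, 1, 10]), bytes([203, 0, 113, 5])) + body

def udp(sport: int, dport: int, payload: bytes) -> bytes:  # constructed, checksum 0
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

ESP = struct.pack("!II", 0x1A2B3C4D, 1) + b"\x00" * 16  # constructed SPI, seq, dummy data
SAMPLES = {
    "ESP sent directly": ipv4(50, ESP),
    "ESP with NAT-T": ipv4(17, udp(4500, 4500, ESP)),
    "IKE after NAT detection": ipv4(17, udp(4500, 4500, b"\x00" * 4 + b"\x11" * 28)),
    "keepalive": ipv4(17, udp(4500, 4500, b"\xff")),
    "PPTP data channel": ipv4(47, b"\x30\x01\x88\x0b" + b"\x00" * 8),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(f"{label:24} -> {classify(pkt)}")
```

If the capture taken on the WAN side of the NAT device shows `native-ESP` rather than `esp-in-udp`, NAT-T has not been negotiated between the client and the firewall.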