[ale] VPN through NAT firewall

Sean C. McCord scmlist at cycoresys.com
Sun Apr 12 00:40:55 EDT 2009


On Sat, Apr 11, 2009 at 09:15:04PM -0400, Kenneth Ratliff wrote:
>On Apr 11, 2009, at 7:32 PM, Devnull wrote:
>> I really would love to, but I have no money... I'm stuck with this for
>> roght now.
>
>So take the box you want to host the VPN server, turn it into your  
>router, and relegate the Linksys to functioning as a WAP. That'd  
>probably be a whole lot easier than dealing with IPSec NAT Transversal  
>issues

Exactly.  Of course, it is also trivial to tunnel OpenVPN through a
firewall and NAT.  It uses a single port, and you can tell it to use
TCP.  You will, however, then run into problems if you are using a
routed (tun) instead of bridged (tap) VPN, though these are solved by
simple route statements to make certain all the hosts know where to
look for the VPN subnet.

--
Sean C. McCord
scmlist at cycoresys.com
http://www.cycoresys.com


More information about the Ale mailing list