[ale] VPN Protocol Question
Kenneth Ratliff
lists at noctum.net
Wed Apr 15 15:40:34 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Apr 15, 2009, at 3:22 PM, Andrew Grieser wrote:
>
> The VPN server will be on a pfSense box that also does the
> following: router, firewall, DHCP server, and DNSmasq.
> The VPN server will have a "real" IP address (ie: no NAT), but as I
> client I expect to be on networks using NAT at least some of the
> time. If I am understanding the protocols, I believe this rules out
> IPSec. Is this true?
The use of NAT does not automatically rule out IPSec, but the use of
pfSense does. pfSense doesn't support NAT-T (NAT Transversal, which is
basically just encapsulating the IPSec packet in a UDP packet), unless
that's changed recently.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
iEYEARECAAYFAknmODQACgkQXzanDlV0VY5sKQCfeX72ITHAq1mIeKnUUHJfPWOw
y3sAmwQqUA6fYq9rQjHW3C6YDysD0Rm3
=R0+d
-----END PGP SIGNATURE-----
More information about the Ale
mailing list