[Openswan Users] When do I need the NAT patch?

Michael Richardson mcr at sandelman.ottawa.on.ca
Tue Mar 23 16:54:12 CET 2004


>>>>> "Faber" == Faber Fedor <faber at linuxnj.com> writes:
    Faber> I'm setting up openswan on a RH Linux box to connect to a Linksys
    Faber> BEFSX41 router (which is NATting) to reach another RH Linux
    Faber> box inside the firewall.  

    Faber> If I RTFMed properly, I do NOT need to apply the
    Faber> NAT-Traversal patch, right? I should be able to make this
    Faber> work as a simple (?!) Road Warrior setup, possibly using PSK right?

  Assuming you are terminating the IPsec on the Linksys box, that is
correct.

  I recommend using raw RSA keys rather than PSK if the Linksys box will
support that.

--
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [




More information about the Users mailing list