[Openswan Users] Windows box as VPN client and router
Ken Bantoft
ken at xelerance.com
Thu May 27 22:50:11 CEST 2004
Many Windows-based IPsec client block IP forwarding, or at least IP
forwarding over IPsec tunnels. You will need to adjust the policies to
explicitly allow this traffic to be NAT'd, and then allowed over the
tunnel.
Refer to documentation for your product of choice (SSH Sent, SafeNet or
MS's Native stack) for directions on how to do this.
Note: It may not be possible to do this in some products.
On Thu, 27 May 2004, Needy Admin wrote:
> Hi,
>
> I have a travelling salesman that needs to connect to the office and at the
> moment he can do so with XP Pro and SSH Sentinel (using a manually
> assigned virtual IP) and happily access email and other services.
>
> He now also needs to allow a handheld device to connect via the VPN.
> As I understand the setup, he basically wants the laptop to be a
> router/vpn gateway to allow the laptop and the device(s) behind the box
> to access the servers at the office at the same time.
>
> I've tried with SSH Sentinel but I cannot find any documentation on such
> a configuration.
>
> I've also tried using the native IPSec in XP with the ipsec tool from
> vpn.ebootis.de by Marcus Muller and no luck there either. The laptop can
> connect successfully but it doesnt NAT or route any traffice from the
> internal net
> I'm afraid the OS is not negotiable as he needs to use a Windows app
> together with the handheld. On the other hand a VMWare type solution
> maybe sufficient.
>
> I'd appreciate any help or suggestions on this matter.
>
> Regards,
>
> NA
--
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
sip://toronto.xelerance.com http://www.xelerance.com
The future is here. It's just not evenly distributed yet.
-- William Gibson
More information about the Users
mailing list