[Openswan Users] Windows box as VPN client and router

Needy Admin needsh3lp at yahoo.com.au
Fri May 28 11:16:20 CEST 2004 

Hi Ken,
 
I wasnt aware that it was blocked as general rule. Unfortunately SSH Sentinel has been discontinued/sold to safenet. I'll try sending a query to safenet but I am not holding by breath. The documentation has no mention of NAT or IP Forwarding on the client itself. 
 
Thanks
 
NA

Ken Bantoft <ken at xelerance.com> wrote:


Many Windows-based IPsec client block IP forwarding, or at least IP 
forwarding over IPsec tunnels. You will need to adjust the policies to 
explicitly allow this traffic to be NAT'd, and then allowed over the 
tunnel.

Refer to documentation for your product of choice (SSH Sent, SafeNet or 
MS's Native stack) for directions on how to do this.

Note: It may not be possible to do this in some products.


On Thu, 27 May 2004, Needy Admin wrote:

> Hi,
> 
> I have a travelling salesman that needs to connect to the office and at the 
> moment he can do so with XP Pro and SSH Sentinel (using a manually
> assigned virtual IP) and happily access email and other services.
> 
> He now also needs to allow a handheld device to connect via the VPN. 
> As I understand the setup, he basically wants the laptop to be a 
> router/vpn gateway to allow the laptop and the device(s) behind the box 
> to access the servers at the office at the same time. 
> 
> I've tried with SSH Sentinel but I cannot find any documentation on such
> a configuration. 
> 
> I've also tried using the native IPSec in XP with the ipsec tool from 
> vpn.ebootis.de by Marcus Muller and no luck there either. The laptop can
> connect successfully but it doesnt NAT or route any traffice from the 
> internal net
> I'm afraid the OS is not negotiable as he needs to use a Windows app
> together with the handheld. On the other hand a VMWare type solution
> maybe sufficient.
> 
> I'd appreciate any help or suggestions on this matter.
> 
> Regards,
> 
> NA


-- 
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
sip://toronto.xelerance.com http://www.xelerance.com

The future is here. It's just not evenly distributed yet. 
-- William Gibson




---------------------------------
Find local movie times and trailers on Yahoo! Movies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040528/a5f7a033/attachment.htm

More information about the Users mailing list