[Openswan Users] Certificate exchange but no l2tp
Jacco de Leeuw
jacco2 at dds.nl
Sat May 21 21:19:39 CEST 2005
Oliver Tomkins wrote:
> vpn traffic comes through our corporate firewall to the
> ipsec machine in the DMZ. We then do
>
> DNAT udp -- anywhere anywhere udp spt:l2tp
> dpt:l2tp to:XXX.XXX.XXX.XXX
>
> to direct the traffic to the l2tp machine. We use public ip addresses
> throughout - so no need for NAT.
I'm afraid the setup is not quite clear to me. Does the VPN server in
the DMZ have access to the L2TP server in the internal subnet? And they
all have public IP addresses? Perhaps you could make a diagram or something.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list