[Openswan Users] Roadwarriors can't access network behind server despite successful IPsec SA

Paul Wouters paul at xelerance.com
Tue Feb 5 19:13:11 EST 2008

On Tue, 5 Feb 2008, Ryan Cabell wrote:

> The network in question is -not- using NAT, it supplies "real" IP addresses
> to clients, but isolates them behind a high-security firewall. It's an odd
> setup, for sure, but it's located at a high-security facility with paranoid
> policies.
> Presumably, if I move the IPsec server to an exposed host on my network, I
> can use regular IPsec for the special-case network, and use NAT-T for any
> roadwarrior clients that happen to be behind NAT at normal, unrestricted
> access points (like home, hotels, etc.)

Ah yes, in that case yes.


More information about the Users mailing list