[Openswan Users] Need a VDSL2 modem known to work with Openswan

Simon Deziel simon at xelerance.com
Sun Feb 24 11:39:39 EST 2013

Hi Durwin,

On 13-02-24 11:17 AM, Durwin wrote:
>>>> You don't want "ipsec passthrough" in most cases. As I said in my previous postings, just like SIP ALG, it is usually completely broken and if you can't disable it, you are quite often screwed. The Zyxels are pretty good  - isn't there a newer device in their portfolio that might suit? Netgear is also reasonable if you get the right model. I've heard some good comments about Billion but I've never used one myself. Also look at some of the more expensive routers that specialise in VoIP or security - just google for "Secure Router", "Security Router", etc. Many of them in fact have IPSEC built in, I got this:
>>> So a modem that does not support ipsec pass through will still work with
>>> openswan?  If so, why do they bother supporting pass through?  Without
>>> pass through is it required to forward ports?
>> If you're using a *modem* or a router in "modem mode" (many have this) your public IP will be on your OpenSWAN box so no need to bother with port forwarding.
> The Actiontec C1000A has a transparent mode.  It says it passes the
> responsability of logging in to (in this case the linux machine) another
> device.  Could this be what I could do?  If so can you direct me to
> proceedures for this?

This looks promising indeed. As Alex said, having the PPPoE (logging in)
done by your Linux machine would mean it would be "directly" connected
to the Internet. Since it would hold your public IP, you wouldn't have
to fight with NAT.


More information about the Users mailing list