LinuxSA Mailing list archives

  From: John Edwards <isplist@adam.com.au>
  To  : Richard Russell <richard@yellowgoanna.com>
  Date: Tue, 28 May 2002 10:05:16 +0930

Re: FreeS/WAN and PoPToP VPN Hell

Richard Russell wrote:

> Situation is that I need secure comms via internet from a Private
> 192.168.x.y LAN behind a static IP Debian gateway machine to roving
> users on Windows 95|98|ME|NT4|2000|XP laptops and home PCs, which
> presumably will be on real IPs, but I guess I can't garantee that.
> 
> Pretty normal, eh?

You'd think so, but no.

Most IP VPN systems do not work through ordinary Network Address
Translation.

PPTP at least uses GRE, which is a different IP protocol type. Most
implementations of NAT do not support GRE properly, only TCP and UDP.

It shouldn't be too hard to get users from the Internet connecting to
the Debian machine directly, but it will be difficult if you're trying
to connect to a server behind it.

John Edwards

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject