Re: IPSec VPN
On Sun, Aug 11, 2002 at 17:40:15 +0200, Jens Hafner wrote:
> Things start to break as soon as I connect the laptop to my private
> network (192.168.0.0/24) whose default gateway is a debian (woody, kernel
> 2.2.19) box. I configured the gateway to accept protocol 50 packages and
> port 500 connections in the following way:
You may need to accept protocol 51 (AH packet-level authentication) as well.
> The extranet client always gives me an error message like: "BannerSock:
> The attempt to connect timed out without establishing a connection". I
> couldn't find any documentation covering this case on the net. All I found
> were lots of documents where the Linux box was one end of the VPN
> connection itself but none covered my case in which the debian box only
> masquerades and forwards the encrypted packages packets.
discusses some of the issues between IPsec and NAT.
"Never trust a poll you haven't rigged yourself."