[isf-wifidog] Huge problems with Cisco VPN (IPsec)
Mina Naguib
mina at naguib.ca
Dim 11 Juin 18:00:28 EDT 2006
I believe CISCO's client is an IPSEC implementation. Last time I
played with IPSEC my blood pressure shot through the roof.
I'm in no position to preach to end-users and their employers about
the neatness of OpenVPN, so I won't even go there.
Simply put, IPSEC is not exactly typical-end-user-behind-a-NAT
friendly (standard rewriting problems where the protocol depends on
IP addresses coded inside the packet payload itself - remember how
active FTP broke behind NAT until the linux kernel became "ftp-aware"?)
In the official Linksys firmware there's an "IPSEC PassThrough"
checkbox that addresses this issue. I'm not sure what the OpenWRT
equivalent would be.
On 11-Jun-06, at 4:53 PM, Max Horváth wrote:
> Hey folks,
>
> we got huge problems with people wanting to use their Cisco VPN
> client. It just doesn't connect to the VPN server.
>
> I guess it's a problem with the iptables command of the gateway.
>
> How could this problem be solved?
>
> Cheers, Max!
More information about the WiFiDog
mailing list