IPSec Passthrough

IPSec Passthrough

Post by ME » Sat, 31 May 2003 14:25:37



I have spent TONS of time trying to find a device or software that would in
a nut shell NAT IPSEC.  Yeah, yeah I know it can't be done.  Or so every one
says.  I have found commercial software as well as several peices of Gear
that can.  Now I have not had any experience with them but people tell me
that they are capable of it.

For example:

Sygate (Software)
http://forums.sygatetech.com/vb/showthread.php?s=e1f39a37f530667d1a9e...

Netgear FVS318NA
http://www.netgear.com/products/prod_details.asp?prodID=129&view=sb

So here is the question.  Is there any software out there that can do it,
that is FREE (open source)?  Preferrably based on a FreeBSD or Linux
Platform?

Thanks,

Matt

 
 
 

IPSec Passthrough

Post by Frank Cusac » Sat, 31 May 2003 18:16:16



Quote:> I have spent TONS of time trying to find a device or software that would in
> a nut shell NAT IPSEC.  Yeah, yeah I know it can't be done.

Of course it can be done. :-)

Quote:> So here is the question.  Is there any software out there that can do it,
> that is FREE (open source)?  Preferrably based on a FreeBSD or Linux
> Platform?

http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/faq.html#NAT...

/fc

 
 
 

IPSec Passthrough

Post by Massimo Ciscat » Thu, 05 Jun 2003 23:56:46


Quote:> So here is the question.  Is there any software out there that can do it,
> that is FREE (open source)?  Preferrably based on a FreeBSD or Linux
> Platform?

I would definetly use OpenBSD. It has all you need and it shouldn't be too
difficult to learn if, as it appears, you are familiar with FreeBSD.
 
 
 

IPSec Passthrough

Post by Arndt Faulhabe » Mon, 16 Jun 2003 06:28:24


Quote:> I have spent TONS of time trying to find a device or software that would
> in
> a nut shell NAT IPSEC.  Yeah, yeah I know it can't be done.  Or so every
> one
> says.  I have found commercial software as well as several peices of Gear
> that can.  Now I have not had any experience with them but people tell me
> that they are capable of it.

Well... I don't know - actually I doubt that it really works, but I'm not
100% sure (e.g. I tried to get it running over a Zyxel Prestige (they claim
it does passthrough...) but it didnn't work... mayby I'm too dumb for
it...)

But have a look at NAT-T (NAT traversal) the new Win2k/XP Ipsec should
support it (as I heared - windowsupdate.microsoft.com... uaah!) and it
works by encapsulating ESP into UDP, so headers of the original packet
don't get altered... Nat-T is not yet an RFC, but I think will soon become
one.

Quote:

> For example:

> Sygate (Software)

http://forums.sygatetech.com/vb/showthread.php?s=e1f39a37f530667d1a9e...
Quote:

> Netgear FVS318NA
> http://www.netgear.com/products/prod_details.asp?prodID=129&view=sb

> So here is the question.  Is there any software out there that can do it,
> that is FREE (open source)?  Preferrably based on a FreeBSD or Linux
> Platform?

Sure! There is FreeS/WAN for linux (www.freeswan.org) with existing X.509
and NAT-T patches or directly try superFreeS/WAN that incorporates these
patches anyway - all major dirtros anyway patch freeS/WAN, so you normally
needn't bother...

Cheers, Arndt

--
Arndt Faulhaber

 
 
 

1. ipsec masq--ipsec ports?

I have a nortel ipsec client on my workstation, and am trying to get ipsec
masq to work.  I have the module (using kernel 2.2.16) compiled and I am
loading it, but I think I may be blocking out whatever port it uses in my
firewall.  Does anyone know what ports ipsec uses so I can let them through
in the firewall?  Any help appreciated.  Thanks.

2. How to get pwd without using getcwd ?

3. Multiple Outgoing IPSEC SAs ( Sun Solaris 9, IKE/IPSEC)

4. Compiling kernel 1.2.13 problem

5. IPSec/VPN to Cisco router with IPSec IOS ?

6. HomePNA card and ethernet LAN

7. Solaris and IPsec, non IPsec aware boxes on network.

8. Making SCO UNIX machine into NIS client

9. To IPsec or not to IPsec

10. IPSEC Howto i can buil IPSec tunnel...

11. FreeSWAN IPsec and SSH Sentinel IPSec client

12. Installing RH Linux firewall in Home office for security, how can I VPN passthrough?

13. Passthrough zip drive through printer?