This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Behide Linksys broadband router, SSH VPN client...

My PC is behide a Linksys broadband router.
I want to make a connection to a far point (Astaro 3.217) by using the Sentinel VPN client.

Should I enable "IPSec Pass Through" in Linksys device?
Should I enable "NAT-T" on the VPN client?

P.S. Without Linksys, I can connect to the far point (Astaro 3.217)!

This thread was automatically locked due to age.

Parents

0 Andreas Steffen over 22 years ago

As an alternative you could configure IPsec Passthrough in the
Linksys and work without NAT-T. Why incur additional overhead
due to the NAT-T UDP encapsulation?

Regards

Andreas
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Andreas Steffen over 22 years ago

As an alternative you could configure IPsec Passthrough in the
Linksys and work without NAT-T. Why incur additional overhead
due to the NAT-T UDP encapsulation?

Regards

Andreas
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Moby over 22 years ago in reply to Andreas Steffen

Andreas,

Will that work? I will admit I have not tested it, but I was under the impression that since a Linksys broadband router is basically just a NAT device that a VPN will fail without UDP encapsulation.
Cancel
Vote Up 0 Vote Down

Cancel
0 Andreas Steffen over 22 years ago in reply to Moby

Well, if the Linksys router has IPsec passthrough capability which
I don't know, then this approach is feasible. Most ADSL routers
have IPsec passthrough, though.

If you have an internal VPN client with IP address
10.0.1.2 and a NAT-Router with external IP address
xx.xx.xx.xx then the IPsec passthrough mapping is as follows:

  SSH Sentinel                         Router
  10.0.1.2:udp/500         xx.xx.xx.xx:udp/500
  10.0.1.2  ESP                xx.xx.xx.xx   ESP

Regards

Andreas
Cancel
Vote Up 0 Vote Down

Cancel