This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSH-Sentinel behind a router/fw

Hello there,

I've set up a Roadwarrior-VPN with the Sentinel and the Astaro V4. Everything works fine if I'm directly connected to the Internet via modem or isdn. but if i'm behind a router/fw e.g. AstaroV4 the exchange of the certificates doesn't work and the creation of the tunnel fails!

can anybody helpme?

thanks...

regards,
mario

This thread was automatically locked due to age.

0 medic over 21 years ago

Hi
you have to enable NAT-T on ASL and Client!
This should work!
Cancel
Vote Up 0 Vote Down

Cancel
0 Brent_Gay over 21 years ago in reply to medic

Be advised that if IPSec pass-thru is enabled on the roadwarrior's NAT'ing fw that will break NAT-T if it is enabled and will cause connectivity problems if NAT-T is enabled on the client.

Per the ASL 4.0 on-line help:

Make sure that the natting device has IPSec-passthru turned off, because this can break the use of NAT-Traversal.

Good Luck!
Cancel
Vote Up 0 Vote Down

Cancel
0 quasar3c279 over 21 years ago in reply to Brent_Gay

Hi,

thanks for your answers. I've tried all this, but it doesn't work.
NAT-T enabed on both sides (Astaro -- SSH-Sentinel). IPSec path-thru disabled on the roadwarriors side.

The connection still fails. If i make a direkt connection everything works fine!

More suggestions?

Thanks,
Mario
Cancel
Vote Up 0 Vote Down

Cancel