LinuxQuestions.org - Openswan/Cisco PIX: NATting a VPN Tunnel

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Openswan/Cisco PIX: NATting a VPN Tunnel (https://www.linuxquestions.org/questions/linux-networking-3/openswan-cisco-pix-natting-a-vpn-tunnel-523385/)

SnotRocket

01-27-2007 09:31 PM

Openswan/Cisco PIX: NATting a VPN Tunnel

My challenge:

I have two sites that need VPN connectivity. One site runs a Linux router (Openswan) and the other site runs a Cisco PIX 501. Both sites use the private network scheme: 192.168.1.0/24, and cannot be changed at this time (Unfortunate, I know). Ideally, in our situation, the Linux box would NAT the VPN traffic, but the research I have done suggests that is not possible. Does anyone have any experience with this? Can it be done this way?

Thanks.

Quigi

01-28-2007 09:13 PM

If you want to do NAT and Openswan on the same box, you need a fairly new kernel (2.6.17 IIRC). In one setup, after some experimentation we upgraded a box to 2.6.18, and talked sucessfully to the Cisco ever after.

BTW, there are very knowledgable and helpful people on http://lists.openswan.org/mailman/listinfo/users.

All times are GMT -5. The time now is 03:14 PM.