Openswan/Cisco PIX: NATting a VPN Tunnel
My challenge:
I have two sites that need VPN connectivity. One site runs a Linux router (Openswan) and the other site runs a Cisco PIX 501. Both sites use the private network scheme 192.168.1.0/24, which cannot be changed at this time (unfortunate, I know). Ideally, in our situation, the Linux box would NAT the VPN traffic, but the research I have done suggests that is not possible. Does anyone have any experience with this? Can it be done this way? Thanks.
If you want to do NAT and Openswan on the same box, you need a fairly new kernel (2.6.17 IIRC). In one setup, after some experimentation we upgraded a box to 2.6.18, and talked successfully to the Cisco ever after.
BTW, there are very knowledgeable and helpful people on http://lists.openswan.org/mailman/listinfo/users.