Openswan/Cisco PIX: NATting a VPN Tunnel
I have two sites that need VPN connectivity. One site runs a Linux router (Openswan) and the other site runs a Cisco PIX 501. Both sites use the private network scheme 192.168.1.0/24, which cannot be changed at this time (unfortunate, I know). Ideally, in our situation, the Linux box would NAT the VPN traffic, but the research I have done suggests that is not possible. Does anyone have any experience with this? Can it be done this way?
If you want to do NAT and Openswan on the same box, you need a fairly new kernel (2.6.17 IIRC). In one setup, after some experimentation we upgraded a box to 2.6.18, and talked successfully to the Cisco ever after.
BTW, there are very knowledgeable and helpful people on http://lists.openswan.org/mailman/listinfo/users.