-   Linux - Networking (
-   -   IPSEC Tunnel behind NAT (

pssst_yeah_you 06-23-2004 04:54 PM

IPSEC Tunnel behind NAT
Hopefully someone can help a newbie out. We have several linux firewalls (Redhat -IPTABLES) connected to our corporate headquaters using IPSEC (freeswan). Everything is working great, except I think I might have a problem with our newest office in Hong Kong.

The Hong Kong internet connection is a DSL with a static address. The setup is a DSL modem with a netopia router behind the DSL modem which provides the connection information the the modem, and provides NAT and DHCP to the inside network. The ISP also created a DMZ address on the Netopia router that passes traffic through to an NAT IP address. The ISP also refuses to change this configuration, so what I need to do (if possible) is setup a linux firewall to use an NAT'd address on it's external interface and create a 2nd NAT network for the network behind the firewall. I'm sure this will work for general purposes, but will I be able to create the IPSEC tunnel through this double NAT configuration?

Thanks for any help!


All times are GMT -5. The time now is 11:50 AM.