From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel Lopes Subject: Re: IPSec masquerade with multiple clients Date: Fri, 13 May 2005 16:54:56 +0200 Message-ID: <4284BFC0.8040701@lopsch.com> References: <015901c557ab$c31c19b0$5101a8c0@ALEPH> <4284916E.1090604@hotpop.com> <017f01c557b3$c71ee3a0$5101a8c0@ALEPH> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <017f01c557b3$c71ee3a0$5101a8c0@ALEPH> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-bounces@lists.netfilter.org Errors-To: netfilter-bounces@lists.netfilter.org Content-Type: text/plain; charset="us-ascii"; format="flowed" To: netfilter@lists.netfilter.org Leonid Zeitlin schrieb: > ----- Original Message ----- > From: "Georgi Alexandrov" > To: > Sent: Friday, May 13, 2005 2:37 PM > Subject: Re: IPSec masquerade with multiple clients > > > >>Leonid Zeitlin wrote: >> >> >>>Hi all, >>>I have the following problem. I have a local network behind a Linux > > router > >>>that does IP masquerade. All hosts on the LAN have 192.168.*.* addresses, >>>and the Linux router has only one external IP address. I need IPSec VPN >>>clients from the LAN to connect to an outside server. The client VPN >>>software is Contivity VPN Client by Nortel Networks. If only one clients >>>connects at a time, everything works fine. But once one client connects, > > no > >>>other client can do so. For the second client the connection cannot be >>>established. Is there any way to have multiple clients connect to the >>>external VPN server simultaneously? Any help will be appreciated. >>> >>>Thanks in advance, >>> Leonid >>> >>> >>> >>> >>> >> >>This question is asked at least once a week in this list, please take a >>look at the archives. >> >>regards, >>Georgi Alexandrov >> > > > Yes, the answer is usually "enable NAT Traversal". My question then is, does > anyone know if NAT Traversal can be enabled in Contivity VPN Client. I > profess ignorance in this subject. > > Thanks, > Leonid > > > How about taking a look at the clients dokus or asking it at the Nortel Support? I think they will help you ;), although I think the client provides NAT-T because nearly all newer clients do it.