From: "Tuc at T-B-O-H.NET"
To: cswiger@mac.com (Chuck Swiger)
Cc: "Tuc at T-B-O-H.NET", freebsd-questions@freebsd.org
Date: Fri, 20 Oct 2006 14:23:59 -0400 (EDT)
Subject: Re: Tunnels to Cisco through NAT?

>
> On Oct 20, 2006, at 10:42 AM, Tuc at T-B-O-H.NET wrote:
> > Is anyone aware of a tunnel between FreeBSD and Cisco that
> > can go through a NAT on the Cisco side?
>
> If you update the Cisco firmware with the latest IOS+VPN version, you
> ought to gain proper NAT-T support which will work with most IPSEC/
> VPN implementations. Otherwise, if you only need to implement a
> single VPN tunnel, you can use something like OpenVPN, which only
> needs you to forward a single UDP port (1194)...
>

Hi,

Thanks for the reply. I guess my question wasn't phrased exactly enough...

The long of it is that I have a low end Cisco router sitting at a location behind a consumer grade broadband router, connected to a satellite connection. The satellite does not allow direct TCP inbound connections, so anything I use has to be OpenVPN. I have a Soekris box with FreeBSD 5.5 running OpenVPN via UDP to a server in the datacenter, and it works fine and good.

The issue is I want to set up another tunnel (The Cisco is actually a 2509, 8 port serial. This new tunnel is for when the Soekris is down to be able to administer it via the serial port).

So I'm looking for an application where if you want to think in reverse... The FreeBSD box needs to be able to get to the Cisco through a NAT (And only via UDP).

Thanks, Tuc