Re: [cobalt-users] NAT Traversal for VPN
- Subject: Re: [cobalt-users] NAT Traversal for VPN
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Fri Feb 21 02:02:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On 20 Feb 2003 at 12:37, Peter Low wrote:
> We have a guest in our office who needs to have access to his company's
> VPN. We have a Qube doing NAT and DHCP. Apparently, NAT and VPN don't mix.
>
> Does anyone have any ideas on allowing our guest to get VPN access through
> the NAT setup? I've done some looking into NAT traversal, but have not
> found specific directions. Is it possible to do port forwarding or exclude
> his port from NAT or something?
>
> Thanks in advance for any help.
>
> Peter
Hi,
We allow VPNs through our iptables firewall using these rules. Maybe
someone could translate them for the Qube?
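# Control channel: forward TCP 1723 to the internal host
iptables -t nat -A PREROUTING -p tcp -i eth0 -d $EXTERNALIP --dport 1723 -j DNAT --to $INTERNALIP:1723
# Data channel: forward GRE (IP protocol 47) to the same host
iptables -t nat -A PREROUTING -p 47 -i eth0 -d $EXTERNALIP -j DNAT --to $INTERNALIP
# Let the forwarded traffic through the FORWARD chain
iptables -A FORWARD -p tcp -d $INTERNALIP --dport 1723 -j ACCEPT
iptables -A FORWARD -p 47 -d $INTERNALIP -j ACCEPT
# Rewrite the internal host's outbound traffic to the external address
iptables -t nat -A POSTROUTING -s $INTERNALIP -o eth0 -j SNAT --to $EXTERNALIP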
Regards
Ian
--
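
Added example, not part of the original post: a small Python check that a rule set like the one above forwards both halves of the tunnel (TCP 1723 and GRE, IP protocol 47) to the same internal host and accepts both in FORWARD. The addresses 203.0.113.10 and 192.168.1.50 are constructed placeholders for $EXTERNALIP and $INTERNALIP, and the function names are hypothetical.

```python
import shlex

# Constructed sample: the post's five rules, with placeholder addresses
# 203.0.113.10 for $EXTERNALIP and 192.168.1.50 for $INTERNALIP.
SAMPLE_RULES = """\
iptables -t nat -A PREROUTING -p tcp -i eth0 -d 203.0.113.10 --dport 1723 -j DNAT --to 192.168.1.50:1723
iptables -t nat -A PREROUTING -p 47 -i eth0 -d 203.0.113.10 -j DNAT --to 192.168.1.50
iptables -A FORWARD -p tcp -d 192.168.1.50 --dport 1723 -j ACCEPT
iptables -A FORWARD -p 47 -d 192.168.1.50 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.1.50 -o eth0 -j SNAT --to 203.0.113.10
"""

def parse_rule(line):
    """Map each option of one iptables command to its value."""
    tokens = shlex.split(line)[1:]   # drop the leading "iptables"
    rule = {"-t": "filter"}          # filter is the default table
    # Assumption: every option takes exactly one value, as in the post.
    rule.update(zip(tokens[::2], tokens[1::2]))
    return rule

def proto(rule):
    """Normalise the protocol; GRE may be written as 47 or gre."""
    p = rule.get("-p", "all").lower()
    return "gre" if p in ("47", "gre") else p

def target(rule):
    """Host part of a DNAT target (--to is short for --to-destination)."""
    dest = rule.get("--to") or rule.get("--to-destination") or ""
    return dest.split(":")[0]

def pptp_gaps(text):
    """List what is missing for each host that gets TCP 1723 by DNAT."""
    rules = [parse_rule(l) for l in text.splitlines() if l.startswith("iptables")]
    dnat = [r for r in rules if r["-t"] == "nat" and r.get("-j") == "DNAT"]
    fwd = [r for r in rules if r["-t"] == "filter"
           and r.get("-A") == "FORWARD" and r.get("-j") == "ACCEPT"]
    gaps = []
    for r in dnat:
        if proto(r) != "tcp" or r.get("--dport") != "1723":
            continue
        host = target(r)
        if not any(proto(d) == "gre" and target(d) == host for d in dnat):
            gaps.append(f"{host}: no DNAT for GRE (protocol 47)")
        for want in ("tcp", "gre"):
            if not any(proto(f) == want and f.get("-d") == host for f in fwd):
                gaps.append(f"{host}: no FORWARD ACCEPT for {want}")
    return gaps
```

An empty list from pptp_gaps(SAMPLE_RULES) means the control and GRE rules are paired; each string in a non-empty list names the internal host and the rule that is missing.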