> > I am trying to set up multiple ipsec VPN clients working behind a Linux > router with NAT/PAT, based on a 2.4.20 (can be 2.4.22) kernel. I would > like to be able to connect a number of Windows (2k or XP) machines to an > existing Cisco VPN server. > > client 1 (ipsec) ---> | router | > client 2 (ipsec) ---> | NAT/ | > . PAT | -> ipsec VPN server (Cisco) > . | | > client 10 (ipsec) --->| | > Instead of making your VPN clients tunnel thru' Linux NAT router, it would be better if you make the Linux NAT router perform IPSEC VPN client functions with the Cisco ipsec VPN server In the configuration I mention, you are effectively putting IPSEC behind NAT, whereas to have IPSEC before NAT, that's a lot more problematic.
