> Hi, > > I am trying to set up multiple ipsec VPN clients working behind a Linux > router with NAT/PAT, based on a 2.4.20 (can be 2.4.22) kernel. I would > like to be able to connect a number of Windows (2k or XP) machines to an > existing Cisco VPN server. > > client 1 (ipsec) ---> | router | > client 2 (ipsec) ---> | NAT/ | > . PAT | -> ipsec VPN server (Cisco) > . | | > client 10 (ipsec) --->| | > > A patch seems to be needed to make this work, and I have seen a lot of > emails with a similar question in regards to pptp VPN clients, but > nothing encouraging for ipsec. I have also seen the IP masquerade HOWTO > and the VPN HOWTO, which both refer to a patch for 2.2 kernels, but > claim nothing is available for 2.4 kernels. I am a netfilter newbie (if > this is not blindingly obvious), so any help would be much appreciated. > > > Kind regards, Roksana enable IKE over TCP on the clients and UDP encapsulation. this is not a problem with netfilter, but with multiple IPSec clients behind *any* NAT device. -j
