Hi all, I am attempting to setup remote access domain login over an IPSec tunnel. The tunnel is between a Linux firewall with iptables & openswan, and a windows xp laptop; the internal domain controllers are 2003 servers. For routing purposes, I need to SNAT the laptop to one of our internal rfc 1918 addresses on the internal interface of the firewall. The problem I am encountering is getting the laptop to successfully log on to the domain, and I'm certain it has something to do with the SNAT. I have found a few posts on the mailing lists discussing the development of a netfilter module which rewrites the NetBIOS headers accordingly: http://lists.netfilter.org/pipermail/netfilter-devel/2001-October/005793.html http://lists.netfilter.org/pipermail/netfilter-devel/2002-April/007535.html Does anyone know if such a module has been developed or if one will be in the future, or perhaps a workaround to this? Thanks. -- Bryan McAninch Network Security Engineer Penson Financial Services, Inc. 214.765.1366
