Discussion:
[vpn-help] Nat via tunnel
Steves James
2012-12-17 14:52:10 UTC
Permalink
Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20121217/0c100e4e/attachment.html>
Steves James
2012-12-17 21:15:16 UTC
Permalink
Sorry, I phrase myself rather bad before.

What I meant is: how is it possible to route traffic from local LAN over vpn
tunnel (only to networks that are there) with masquerading to virtual ip of the tunnel ?

Thanks,
Steves

From: steves.james at outlook.com
To: vpn-help at lists.shrew.net
Date: Mon, 17 Dec 2012 14:52:10 +0000
Subject: [vpn-help] Nat via tunnel




Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves



_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20121217/98e3b6a9/attachment.html>
Kevin VPN
2013-01-23 03:03:45 UTC
Permalink
Post by Steves James
Sorry, I phrase myself rather bad before.
What I meant is: how is it possible to route traffic from local LAN over vpn
tunnel (only to networks that are there) with masquerading to virtual ip of the tunnel ?
Thanks,
Steves
From: steves.james at outlook.com
To: vpn-help at lists.shrew.net
Date: Mon, 17 Dec 2012 14:52:10 +0000
Subject: [vpn-help] Nat via tunnel
Hey,
First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).
My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.
Hi Steves,

I think this is a function that is done at the far end of the tunnel
(i.e. the VPN gateway), not done by the Shrew Soft VPN client. AFAIK,
most NAT is done at the egress interface, where the traffic is leaving
the security device and heading out into the "other" network.

Steves James
2012-12-17 14:52:10 UTC
Permalink
Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121217/0c100e4e/attachment-0001.html>
Steves James
2012-12-17 21:15:16 UTC
Permalink
Sorry, I phrase myself rather bad before.

What I meant is: how is it possible to route traffic from local LAN over vpn
tunnel (only to networks that are there) with masquerading to virtual ip of the tunnel ?

Thanks,
Steves

From: steves.james at outlook.com
To: vpn-help at lists.shrew.net
Date: Mon, 17 Dec 2012 14:52:10 +0000
Subject: [vpn-help] Nat via tunnel




Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves



_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121217/98e3b6a9/attachment-0001.html>
Steves James
2012-12-17 14:52:10 UTC
Permalink
Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121217/0c100e4e/attachment-0002.html>
Steves James
2012-12-17 21:15:16 UTC
Permalink
Sorry, I phrase myself rather bad before.

What I meant is: how is it possible to route traffic from local LAN over vpn
tunnel (only to networks that are there) with masquerading to virtual ip of the tunnel ?

Thanks,
Steves

From: steves.james at outlook.com
To: vpn-help at lists.shrew.net
Date: Mon, 17 Dec 2012 14:52:10 +0000
Subject: [vpn-help] Nat via tunnel




Hey,

First of all I want to say that Shrew vpn is the only one that can stay connected to CISCO ASA
at work for more then an hour. Both vpnc and strongswan drop connection after a while (no amount
of tweaking configuration helped them).

My question is how I can nat local network via tunnel ?
WIth vpnc I just added MASQUERADE for traffic outgoing via tun0.
With strongswan SNAT to virtual ip helped.
But with Shrew vpn client neither is working.

Thanks,
Steves



_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121217/98e3b6a9/attachment-0002.html>
Loading...