quadquay
 asked on

Allow IPSec passthrough using Shorewall firewall

I have users who need to run an IPSec VPN from a client through my RedHat Linux-based router, which is running a Shorewall firewall. The firewall is doing NAT. I have a single public IP address.

Linksys routers have an option called "IPSec Passthrough" which I have found allows this VPN traffic to pass through. How can I configure the Shorewall firewall to allow the IPSec traffic to just "pass through?" I have opened up all the necessary ports, but no luck.

Anyone have experience with this?

8/22/2022 - Mon
dfxdeimos

The Shorewall documentation (http://man.chinaunix.net/network/shorewall-docs-html-3.0.8/) seems like it has a section addressing your question.

Cheers.
quadquay

ASKER
The server I'm trying to reach doesn't allow NAT-T or UDP encapsulation. Any other ideas?
ASKER CERTIFIED SOLUTION
dfxdeimos

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
quadquay

ASKER
My final solution was to use a second public IP address and do one-to-one NAT from the public IP to the workstation running the IPSec client.
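
One way the one-to-one NAT described above could be written in Shorewall, as an added example that is not from the thread. The addresses (203.0.113.10 as the second public IP, 192.168.1.50 as the workstation, 198.51.100.20 as the VPN server), the interface `eth0` and the zone names `net` and `loc` are assumptions.

```conf
# /etc/shorewall/nat
# One-to-one NAT: the second public address maps to a single internal host.
# All addresses here are constructed placeholders.
#EXTERNAL       INTERFACE   INTERNAL        ALL_INTERFACES  LOCAL
203.0.113.10    eth0        192.168.1.50    no              no

# /etc/shorewall/rules
# Admit only IKE (UDP 500) and ESP (IP protocol 50) to the workstation,
# and only from the VPN server, so the one-to-one mapping does not expose
# the workstation's other services to the internet.
#ACTION   SOURCE              DEST               PROTO   DEST_PORT
ACCEPT    net:198.51.100.20   loc:192.168.1.50   udp     500
ACCEPT    net:198.51.100.20   loc:192.168.1.50   50
```

ESP has no port numbers, so opening ports alone does not cover it; it has to be allowed by protocol number, and a one-to-one mapping translates only the address.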