Port forwarding revisited
Chuck Young
chy at genuity.com
Tue Aug 28 20:36:36 EDT 2001
The Nortel client is acceptable on wintel platforms, and well, uh, they
don't give a rat's ass about the other platforms (MAC client rumored).
I use the Nortel EAC v. 2.62 behind a Netgear RT314 with the VPN
passthrough. The passthrough feature is pretty nice. And it's so easy our
sales folks can use it!
I *believe* the trick is accomplished by creating a static NAT for the UDP
and TCP stuff as well as the IP types (50 and 51?). This means 1:1 static
NAT - since you only have one global IP address, you can only run one VPN
client at a time behind the gate. Low power consumption, low heat (it's hot
in my little dungeon), small form factor and VPN passthrough with an TCP/UDP
ACL firewall (sick as the syntax is) with a Natted port-forwarding feature
are probably why these things sell so well.
You'll be quite a hero if you can get a linux (anything really) box to do as
well. Cost/benefit is clear, but you don't get to write your own
kernel/networking code :-)
----------------------
Chuck Young
Internet Systems Engineer
E-Services Consulting
Genuity Solutions
-----------------------------
> -----Original Message-----
> From: owner-discuss at Blu.Org [mailto:owner-discuss at Blu.Org]On Behalf Of
> Bill Horne
> Sent: Tuesday, August 28, 2001 7:19 PM
> To: discuss at Blu.Org
> Subject: Re: Port forwarding revisited
>
>
> "Derek D. Martin" wrote:
>
> > Bill Horne said:
> >
> > > However, I also have a VPN client on one of my internal machines
>
> [snip]
>
> > I have no idea what software you're using, so I can't tell you
> what to do.
>
> Nortel Extranet Access Client V02_51.07
>
>
> -
> Subcription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at blu.org (Subject line is ignored).
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list