Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: eRgal on August 08, 2005, 01:33:39 PM

Title: IPSEC VPN Passthrough
Post by: eRgal on August 08, 2005, 01:33:39 PM

Hi,

Just a quick question if anyone can help.

I had a VPN tunnel between two box's (not sme) and have now put and SME in between these but for some reason 1 of the two IPSEC tunnels I had has failed and will not reconnect.

Does anyone know what I would need to do to allow IPSEC tunnel to pass via SME box.

Thx eRgal

Title: IPSEC VPN Passthrough
Post by: Franco on August 08, 2005, 04:16:31 PM

I believe you need to forward ports 500 and 4500 both UDP.
Let me know if this helps,

Title: IPSEC VPN Passthrough
Post by: eRgal on August 09, 2005, 11:46:59 AM

Hi ,

I do have these ports forwarded, I have 2 tunnels & one is ok and the other now fails. It seems to be something to do with authentication but this was ok until SME was put into middle of set-up.

No matter though I will try something else.

Cheers eRgal..

Title: IPSEC VPN Passthrough
Post by: CharlieBrady on August 09, 2005, 04:36:30 PM

Quote from: "eRgal"

I do have these ports forwarded, I have 2 tunnels & one is ok and the other now fails. It seems to be something to do with authentication but this was ok until SME was put into middle of set-up.

If you want more than one IPSEC passthrough connection to any particular location, then the IPSEC server and client will need to support the NAT traversal variant of IPSEC.

Title: IPSEC VPN Passthrough
Post by: eRgal on August 09, 2005, 09:37:24 PM

Hi,

Forwarding the ports was correct , It turned out that the SME box had learned a route to another box somewhere o the network that had the same IP of the other end of the VPN, I changed the ip of the far end of the tunnel and it came up right away.

thx for the help.

 ;-)  :pint: