... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.dcom.vpn

VPN protocols, clients, awesomeness

2,348 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 422 of 2,348

Venger to W.B

Re: VPN - supporting multiple private NA

03 Nov 03 08:50:30

   XPost: comp.security.firewalls   
   From: venger@augustmail.com   
      
   "W.B"  wrote in message   
   news:vfcm4he9jsbh$.oekyjrmzkte2.dlg@40tude.net...   
   > > Which then begs the question... how can you support dozens of clients   
   who   
   > > could quite possibly each have the same private NAT address, say   
   > > 192.168.1.100, much less similar address space?   
   >   
   > There the rub, You cant. The subnets have to be different.  Your TCP stack   
   > will not know to route the packets out of the gateway.  It is a logistics   
   > problem for sure.  I would have used a more unusual private address space   
   > internally.  Something like 10.100.10.X   
      
   Yeah, unfortunately we've got the established network infrastructure that is   
   going to be resistant to change.   
      
   > All NAT-T does is encapsulate the IP header in UDP to allow the packets to   
   > go through the NAT process without being mangled.   
   >   
   > Are you using Sonicwalls client?  Are you using a actual public IP at the   
   > VPN terminating device?   
      
   Using the Sonicwall client, set using the GroupVPN option...   
      
   Venger   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]