Re: linux-ipsec: IP tunnel over a NAT (IP masq) possible ?

["John D. Hardin" <jhardin () wolfenet com>]

On Fri, 16 Jul 1999, Otel Florian-Daniel wrote:

> I have the following problem: I have a machine behind a NAT performing 
> one-to-many address translation (inside: Net 10. outside: only one IP
> addr). What i would like to do is to set a IP tunnel from one of the
> inside machines (the "client") to a remote machine (i.e. beyond NAT)
> (the "server"). Such that after the tunnel setup the inside machine
> appears to be virtually attached to the remote net.
>
> Requirements:
> -As it is implied, I don't have administrative control over the NAT
> (otherwise e.g. i could simply attach the client beyond it and use
> `oridnary` IP tunneling)
> -The tunnel is encrypted  (overhead issues irrelevant for the time being)
> -The tunnel is set on-demand, in a client-server fashion (e.g. tunneling 
> over a TCP connection).
> -The operating system: Linux
  
Take a look at
ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html
  
It may be what you want..

--
 John Hardin KA7OHZ                               jhardin () wolfenet com
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
-----------------------------------------------------------------------
  Efficiency can magnify good, but it magnifies evil just as well.
  So, we should not be surprised to find that modern electronic
  communication magnifies stupidity as *efficiently* as it magnifies
  intelligence.  
                                  -- Robert A. Matern
-----------------------------------------------------------------------
   55 days until 9/9/99