Hi Holger, Am So, den 20.06.2004 schrieb Holger Unterbrink um 20:14: > I haven't looked at the GM srccode, yet, so I don't know how it gets the > Src IP (which is used in the upper L3 headers). The Cisco VPN client is > a kernel module that intercepts the network stack in kernel space, afaik > it's not seen from apps running in userspace or tools like ifconfig etc. > >From the userspace or common apps, everything like the routing table, > interfaces, etc are looking as they looked before the VPN was setup. > In theorie it looks similar to a NAT Gateway outside the box (for me). > Please correct me if I am wrong, I thought the NAT feature in GM would > exchange the local IP of the box with the given IP in the NAT dialog in > all layers above layer 3. So I've no idea why it's not working ? > The VPN Client is free and easy to install, if you like to test it on > your own I can send you a copy and you can dial into my network. actually i am rather interested what's the plan to connect to a Cisco VPN Concentrator with either of FreeS/WAN or KAME IPsec. Is it possible in the meantime or are you still bound to be *EITHER* a VPN client (exclusive to Cisco VPN) *OR* a VPN server (like FreeS/WAN or KAME) on your linux box? If this is no longer valid, i'm willing to try and get some VPN with a Cisco VPN Concentrator (of my University) up and working and would then be able to do some testing. Anyway, to answer to the rest: to me this looks like a 2 IP local interface problem, where you cannot choose the local IP. Remember the guy on the ML who had a private and public IP on his public interface and was not able to choose it either. Maybe it's time GM adds an option to choose its "local" IP of the interfaces. -- Best regards, Kilian
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil