As far as I know, the Ravlin doesn't have that problem. I have 3 of em sitting in my desk drawer because I hate them and just do all the ipsec with the firewalls instead, but that's beside the point. Try it, if it doesn't work, worry about it then. :) Ravlin's -- $30k for a small box that weighs less than my cellphone. I haven't played with them for awhile though, so maybe their software got better. But, they still feel cheap. :) > -----Original Message----- > From: Amy Tanner [mailto:amy at real-time.com] > Sent: Friday, August 10, 2001 2:07 PM > To: tclug-list at mn-linux.org > Subject: Re: [TCLUG] VPN setup question > > > On Fri, Aug 10, 2001 at 02:07:55PM -0500, Austad, Jay > (austad at marketwatch.com) wrote: > > Is it a router to router VPN, or are people connecting to it with > > their workstations? > > Actually, I need to support both scenarios. > > Personal Ravlin II -> Ravlin 10/5100 Server > Ravlin Software IPSec -> Ravlin 10/5100 Server. > > > > > If it's router to router, and one is a cisco, you might have some > > problems getting IPSec to work correctly in a NAT environment when > > only one side is NAT'd. I got around this by making an unencrypted > > GRE tunnel between the inside edge routers on both sides, and then > > making the firewall do the encryption on that traffic. > > > > If it's client to vpn server, you should be fine. > > > > jay > > -- > Amy Tanner > amy at real-time.com _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-> linux.org/mailman/listinfo/tclug-list >