natecars at real-time.com wrote: > On Sat, 19 Apr 2003, waynej at dccmn.com wrote: > >>One of the issues I had was my old ISP insisted that I run my cisco in >>router mode and my Freeswan doesn't like that so I had to switch ISPs to >>get bridge support. In router mode, your outside IP address <> your >>eth0 IP address cause it's doing NAT. Freeswan sees this is a >>man-in-middle attack. > > > Just buy a routed subnet; then you'll have real public IP's without having > to do bridging. For what it's worth, I have FreeS/WAN running perfectly through TWO NAT'd routers, one wireless and one Cisco 678, connecting to our office firewall also running FreeS/WAN. I have DSL through Real Time, BTW, and their service and uptimes are exemplary :-) FreeS/WAN is running on my laptop with a Linksys WLAN PC card. No special config was required in either of my routers. I just had to make sure that the IP address of my laptop matched what our office firewall was expecting. -- Dave Sherman MCSE, MCSA, CCNA "Windows NT was supposed to hit Unix hard (it did - like a bug hitting a windshield)...." - Andrew Grygus, aaxnet.com _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list