[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] VPN tunnels through NAT firewall (client/server?)

  • Subject: [Openvpn-users] VPN tunnels through NAT firewall (client/server?)
  • From: Darren Spruell <darren_spruell@xxxxxxxxx>
  • Date: Tue, 04 Jan 2005 13:32:02 -0700

We would like to set up a branch office VPN connection between two
sites. One endpoint is a Linux firewall with an Internet-routable IP,
the other endpoint is a Linux server behind a NAT firewall and has an
RFC1918 IP address.  We would hope that this would work correctly if the
connection is initiated from the Linux server behind the NAT box to the
other firewall with the public address; return traffic would simply be
routed back to the NAT box and translated to the server again.

But, from what I can tell from the openvpn startup examples, each
endpoint must be able to connect to the other directly (specified with
the "--remote" argument). Since one endpoint is hidden behind the NAT
firewall on a private network, this doesn't fit and we would need to
move this endpoint into a DMZ or similar publicly-routable location.

Can someone please confirm this one way or the other?


The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list