1
0
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-04 04:29:43 +01:00

Add NAT-T info to VPN doc

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6761 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-07-03 14:41:22 +00:00
parent 6bfe25e0e8
commit 0c60bd6a9c

View File

@ -135,7 +135,63 @@
</table>
<para>The above may or may not work — your milage may vary. NAT Traversal
is definitely a better solution.</para>
is definitely a better solution. To use NAT traversal:<table id="Table2">
<title>/etc/shorewall/rules with NAT Traversal</title>
<tgroup cols="7">
<thead>
<row>
<entry align="center">ACTION</entry>
<entry align="center">SOURCE</entry>
<entry align="center">DESTINATION</entry>
<entry align="center">PROTOCOL</entry>
<entry align="center">PORT</entry>
<entry align="center">CLIENT PORT</entry>
<entry align="center">ORIGINAL DEST</entry>
</row>
</thead>
<tbody>
<row>
<entry>DNAT</entry>
<entry>net:192.0.2.224</entry>
<entry>loc:192.168.1.12</entry>
<entry>udp</entry>
<entry>4500</entry>
<entry></entry>
<entry></entry>
</row>
<row>
<entry>DNAT</entry>
<entry>net:192.0.2.224</entry>
<entry>loc:192.168.1.12</entry>
<entry>udp</entry>
<entry>500</entry>
<entry></entry>
<entry></entry>
</row>
</tbody>
</tgroup>
</table></para>
<para>If you want to be able to give access to all of your local systems
to the remote network, you should consider running a VPN client on your