mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-04 04:29:43 +01:00
Add NAT-T info to VPN doc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6761 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
6bfe25e0e8
commit
0c60bd6a9c
58
docs/VPN.xml
58
docs/VPN.xml
@ -135,7 +135,63 @@
|
||||
</table>
|
||||
|
||||
<para>The above may or may not work — your milage may vary. NAT Traversal
|
||||
is definitely a better solution.</para>
|
||||
is definitely a better solution. To use NAT traversal:<table id="Table2">
|
||||
<title>/etc/shorewall/rules with NAT Traversal</title>
|
||||
|
||||
<tgroup cols="7">
|
||||
<thead>
|
||||
<row>
|
||||
<entry align="center">ACTION</entry>
|
||||
|
||||
<entry align="center">SOURCE</entry>
|
||||
|
||||
<entry align="center">DESTINATION</entry>
|
||||
|
||||
<entry align="center">PROTOCOL</entry>
|
||||
|
||||
<entry align="center">PORT</entry>
|
||||
|
||||
<entry align="center">CLIENT PORT</entry>
|
||||
|
||||
<entry align="center">ORIGINAL DEST</entry>
|
||||
</row>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<row>
|
||||
<entry>DNAT</entry>
|
||||
|
||||
<entry>net:192.0.2.224</entry>
|
||||
|
||||
<entry>loc:192.168.1.12</entry>
|
||||
|
||||
<entry>udp</entry>
|
||||
|
||||
<entry>4500</entry>
|
||||
|
||||
<entry></entry>
|
||||
|
||||
<entry></entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>DNAT</entry>
|
||||
|
||||
<entry>net:192.0.2.224</entry>
|
||||
|
||||
<entry>loc:192.168.1.12</entry>
|
||||
|
||||
<entry>udp</entry>
|
||||
|
||||
<entry>500</entry>
|
||||
|
||||
<entry></entry>
|
||||
|
||||
<entry></entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table></para>
|
||||
|
||||
<para>If you want to be able to give access to all of your local systems
|
||||
to the remote network, you should consider running a VPN client on your
|
||||
|
Loading…
Reference in New Issue
Block a user