[Noisebridge-discuss] VPN from the noisebridge network.

Jonathan Lassoff jof at thejof.com
Thu Oct 15 01:49:47 UTC 2009


Excerpts from Dr. Jesus's message of Wed Oct 14 18:24:58 -0700 2009:
> FWIW, Jof and I had a look at this and saw that the flashrd router was
> refusing to nat the nat-t packets on udp 4500, transmitting them to
> sonic with rfc 1918 source addresses.  We couldn't figure out why that
> was happening.

But strangely, UDP/500 ISAKMP/IKE to the same VPN endpoint gets NATed
just fine. Weird!

Maybe I should bring back the "noisebridge-public" network as a
workaround.  This was a separate VLAN and wireless network at 83c that
handed out routable public IPs instead of NATed ones.

Downside: it's up to the users to implement host-local firewalling.

--j



More information about the Noisebridge-discuss mailing list