[Noisebridge-discuss] VPN from the noisebridge network.
Jonathan Lassoff
jof at thejof.com
Thu Oct 15 01:49:47 UTC 2009
Excerpts from Dr. Jesus's message of Wed Oct 14 18:24:58 -0700 2009:
> FWIW, Jof and I had a look at this and saw that the flashrd router was
> refusing to nat the nat-t packets on udp 4500, transmitting them to
> sonic with rfc 1918 source addresses. We couldn't figure out why that
> was happening.
But strangely, UDP/500 ISAKMP/IKE to the same VPN endpoint gets NATed
just fine. Weird!
Maybe I should bring back the "noisebridge-public" network as a
workaround. This was a separate VLAN and wireless network at 83c that
handed out routable public IPs instead of NATed ones.
Downside: it's up to the users to implement host-local firewalling.
--j
More information about the Noisebridge-discuss
mailing list