Nerius,
This sounds like a DPD timeout. The Cisco VPN client or Cisco gateway is
probably not configured to use NAT-T or you are blocking UDP port 4500.
Using the static-port trick will help in some instances where a client
doesn't support NAT-T, but it also prevents multiple clients behind th
reeBSD-6 you
have to split this up in two lines, one nat and one pass.
Peter
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Nerius Landys
Sent: Thursday, February 14, 2008 7:00 PM
To: freebsd-net@freebsd.org
Subject: PF firewall NAT and Windows IPSEC tu
Hi--
On Feb 14, 2008, at 9:59 AM, Nerius Landys wrote:
Howdy folks. I have several computers behind a FreeBSD router (NAT
192.168.0.x using OpenBSD's PF). One of those computers is a Windows
machine which is using software called "Cisco Systems VPN Client" to connect
to some other computer
Howdy folks. I have several computers behind a FreeBSD router (NAT
192.168.0.x using OpenBSD's PF). One of those computers is a Windows
machine which is using software called "Cisco Systems VPN Client" to connect
to some other computers outside of our internal network. Our FreeBSD
router's conn