[AG-TECH] NAT and bridge traffic
George Estes
gestes at ncsa.uiuc.edu
Tue Sep 11 12:08:10 CDT 2007
Zsolt,
What's the basic setup for using OpenVPN with a bridge?
Thanks,
George
At 10:46 AM 9/11/2007 -0500, Nagykaldi, Zsolt F. \(HSC\) wrote:
>
>
>It is generally a pain in the back to establish connections to bridge servers in a NAT -ed environment. Port forwarding is one of your options, however there are a number of issues: 1) A large number of ports may need to be forwarded depending on the bridge setup and how many bridges you want to access (security implications); 2) Some older Cisco firewalls without a decent GUI may give you a hard time to create the appropriate rules to do what you need.
>
>My suggestion is to forget about ports and use OpenVPN on the bridge and the client machine to go through the NAT -ed network and everything in between your computer and the bridge. We have a significant experience with this and pretty good results. Your absolute expert (who came up with the combined bridge/Open VPN server solution) is Joe Stone (<mailto:stone004 at umn.edu>stone004 at umn.edu). I can also help, if needed.
>
>Zsolt
>
>
>---
>
>Zsolt Nagykaldi, PhD<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
>Assistant Professor of Research
>Clinical IT Specialist
>
>University of <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />Oklahoma Health Sciences Center
>Department of Family & Preventive Medicine
>900 N.E. 10th Street
>Oklahoma City, OK 73104
>
>Phone: (405) 271-8000 ext.1-32208
>Fax: (405) 271-2784
>
>
>----------
>From: owner-ag-tech at mcs.anl.gov on behalf of George Estes
>Sent: Tue 9/11/2007 9:00 AM
>To: ag-tech at mcs.anl.gov
>Subject: [AG-TECH] NAT and bridge traffic
>
>Hello,
>
> Could someone with experience in this area tell me the issues/problems with receiving traffic from a bridge server if I'm behind a NAT. I've looked through the ag-tech mailing list and there's talk of problems but I can't find specifics.
>
>Thanks,
>George
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/ag-tech/attachments/20070911/939607bc/attachment.htm>
More information about the ag-tech
mailing list