Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick Road Warrior FireBrick Config: Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
Line 13: Line 13:
'''Separate pool:'''
'''Separate pool:'''
Choose an IP range not used anywhere else in your FB config
Choose an IP range not used anywhere else in your FB config
(and to avoid confusion choose something non-routable eg from 10...)
(and to avoid confusion choose something non-routable eg from 10...)
Set the NAT flag on the ipsec roaming pool definition.
Set the NAT flag on the ipsec roaming pool definition.


In this scenario all traffic arriving at the FB from the remote
In this scenario all traffic arriving at the FB from the remote
device will be NATed (with FB source address) before being routed
device will be NATed (with FB source address) before being routed
onwards. This provides what most people would expect - remote
onwards. This provides what most people would expect - remote
device has a non-routable NATed address. Sessions originating
device has a non-routable NATed address. Sessions originating
on the device can talk to anywhere the FB can - but other
on the device can talk to anywhere the FB can - but other
devices cannot initiate sessions to the remote device.
devices cannot initiate sessions to the remote device.


'''IPs from the existing LAN'''
'''IPs from the existing LAN'''
Retrieved from "http://support.aa.net.uk/FireBrick_Road_Warrior_FireBrick_Config"