Subject: VPNs: Attempting to make Nortel's Extranet Client connect via a NetBSD router
To: None <current-users@netbsd.org>
From: Gerald C. Simmons <simmons@darykon.cet.com>
List: current-users
Date: 04/12/2001 18:45:53

Is anyone familiar with trying to get a VPN Client (Nortel's Extranet Client) on a Windows
machine to connect with its corresponding Nortel Extranet Switch via a NetBSD box working as the
Internet interface (router)????

I talked with a support technician at Nortel. He says that using IPNAT will keep the Client from
connecting, for the somewhat obvious reason that IPNAT translates the port number, and the VPN
Client/Switch doesn't like that. Also, I need to enable both the AH and ESP protocols and port
500.

I've already talked to my ISP, and he's willing to give me a block of 8 IP addresses for fairly
cheap. This would mean dumping IPNAT.

I've already briefly looked at the White paper "IP Filter based Firewalls," and didn't find much
applicable.

Questions:

Do I need to run NetBSD-1.5 to "pass through" AH & ESP Protocols??? (I'm currently running 1.4.3,
I have a HD issue with 1.5.)

I noticed today that the new Linksys DSL Internet Router allows a single IP address to be
exposed to the Internet via a DMZ host. What the heck is that??? Would that work? Can I do the
same thing with NetBSD?

Can anyone give me any guidance on how/if I can make this work???

Thanks in Advance!!!

Gerry Simmons
simmons@darykon.cet.com
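
The requirements named in the post (AH, ESP and port 500, with no address translation) written as IP Filter rules for a routed setup. This is an added example, not part of the original message. The interface name `ex0`, the client block `192.0.2.8/29` and the switch address `198.51.100.10` are placeholders chosen for illustration.

```conf
# /etc/ipf.conf fragment (constructed example, placeholder values)
#   ex0            external interface (assumed name)
#   192.0.2.8/29   routed block of 8 public addresses for the inside hosts
#   198.51.100.10  the Extranet Switch the client connects to
#
# No map/rdr rules in ipnat.conf apply to 192.0.2.8/29: the inside hosts
# are routed with their own addresses, so source ports are not rewritten.

# Key exchange: UDP with port 500 on both ends.
pass in  quick on ex0 proto udp from 198.51.100.10/32 port = 500 to 192.0.2.8/29 port = 500
pass out quick on ex0 proto udp from 192.0.2.8/29 port = 500 to 198.51.100.10/32 port = 500

# ESP is IP protocol 50. It has no port numbers, so it is matched by
# protocol number and address only.
pass in  quick on ex0 proto 50 from 198.51.100.10/32 to 192.0.2.8/29
pass out quick on ex0 proto 50 from 192.0.2.8/29 to 198.51.100.10/32

# AH is IP protocol 51.
pass in  quick on ex0 proto 51 from 198.51.100.10/32 to 192.0.2.8/29
pass out quick on ex0 proto 51 from 192.0.2.8/29 to 198.51.100.10/32
```

Restricting the rules to the switch's address, rather than `any`, keeps the inside hosts from accepting IPsec traffic from arbitrary peers.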