[NCLUG] Re: Are you running a local nameserver?

[Matt Rosing]

 > Matt Rosing wrote:
 > > I need help getting my wife's VPN connection to work. She connects
 > > to HP's vpn from our house
 > 
 > Is this the Nortel Extranet Client?  Or something else?

It's now MSRA, or maybe HP's MSRA. Is there a way to configure this? I
wanted to try forcing it to use UDP and I can't find a way to choose
that.

 > I would try turning the KeepAlives option off.  That is about the only
 > thing that I can suggest.

That doesn't have anything to do with MSRA, does it?

I did read about optimizing the MTU size. I can try that but that
really seems like flaky code if that's the problem.

 > As far as firewalls are concerned it has been known to work very well
 > behind most commercial blue-box types of firewall/cable-modems and
 > also work quite well behind Linux kernel based firewalls without any
 > special configuration.  That is assuming that the firewall is in a
 > typical default-type of configuration.  I would be concerned if NAT
 > timeouts for UDP traffic were being heavily customized or things like
 > that since the key exchange has historically be a very problematic
 > part of IPSEC.  It is still a problem and prevents multiple remote
 > clients to the same server through the same NAT for example.  But if
 > you have not customized things there then you are probably okay there.

I have a linux firewall using Firehol and I haven't messed with
anything. As it used to work I suspect the firewall isn't an issue.

 > 
 > Bob