[Openswan Users] 26sec
Alexander Samad
alex at samad.com.au
Wed Feb 4 08:09:17 CET 2004
Hi
My current understanding is there is a problem with netfilter and the
26sec (or native ipsec stack in 2.4). The hooks are in the wrong
places.
I under the right circumstance want to do snat + dnat before encrypt.
and then I might want to do snat + dnat on the encryption. The current
26sec stack doesn't allow for this. Although the work around seems to
be to create more policy matche the un-nat'ed policies.
I also not there is a debian directory in the tar ball, is this a hang
over from freeswan or ???
I would prefere to package than make && make install
A
On Tue, Feb 03, 2004 at 10:16:50PM +0200, Tuomo Soini wrote:
> Michael Richardson wrote:
>
> >If you want to do NAT before a tunnel, then you'll have to use KLIPS.
> >It does not build on 2.6, but it will soon.
>
> I think you are wrong here. If you _don't_ want to snat before tunnel
> you have to set exceptions with 26sec.
>
> --
> Tuomo Soini <tis at foobar.fi>
> Linux and network services
> +358 40 5240030
> Foobar Oy <http://foobar.fi/>
>
> _______________________________________________
> Users mailing list
> Users at lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/users
More information about the Users
mailing list