[Openswan Users] 26sec
Michael Richardson
mcr at sandelman.ottawa.on.ca
Wed Feb 4 12:19:43 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Tuomo" == Tuomo Soini <tis at foobar.fi> writes:
>> If you want to do NAT before a tunnel, then you'll have to use KLIPS.
>> It does not build on 2.6, but it will soon.
Tuomo> I think you are wrong here. If you _don't_ want to snat before
Tuomo> tunnel you have to set exceptions with 26sec.
There are people who want to do NAT going into the tunnel, which it is
my understanding can not be done, because POSTROUTING is run after the
tunnel encapsulation.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQCEproqHRg3pndX9AQE4fQP/fBcUbbENZL7I7IkWOTo5dKDdMrZb17Nn
jXfltFgeDZOiUHO+wMu+RT8+8SCI9umQhl5jZS9oW1ozRuafaBy++M5As5RYgGUU
ty63i0FINEdwsOSDb62Hbgu4cVjphlXndEbe/YOBnOsZ649g5rbS6ED7LOfh4z/G
mFJkWpdFcAg=
=yAbS
-----END PGP SIGNATURE-----
More information about the Users
mailing list