[Openswan Users] Help:NAT and superfreeswan on the same
gateway!!!
Paul Wouters
paul at xtdnet.nl
Mon Feb 16 12:31:45 CET 2004
On Mon, 16 Feb 2004, Alexander Samad wrote:
> One other thing NAT'ing of packet on a machine that is doing IPSEC on
> the native stack (ie not klips) doesn't work, this is being addresses by
> the netfilter team.
Could you give us more details on what they are attempting to "fix"?
NAT'ing an IPsec packet will always destroy that packet. So do you mean that
just running IPsec on a machine that also does NAT is just not working for
the 2.6 native stuff? If using exclude/include rules for the -t nat table,
why does it break with their stack?
Paul
More information about the Users
mailing list