[Openswan Users] Re: Help:only one GW enable nat-t can succeed?

Tiago Freitas Leal tfl at netcabo.pt
Tue Jun 1 13:06:16 CEST 2004


If IPSec passthrough is enable, you don't need NAT-T. In fact you should
disable NAT-T or else the connection will fail.


> Hi,All
> I would enable nat-t function in SFS 1.99.8 on linux2.4.17,but first I
have two questions:
> LAN1-------Gateway1----NAT1--------------NAT2--------Gateway2-------LAN2
> 1.I heard that if two ipsec gateways are behind NAT device,only one
gateway enable nat-t can succeed,two gateways enable this functions at the
same time would fail. Is that right?
> 2.on the SFS gateway1,I enable nat-t function whether whether there is
NAT1 in the front of it or not,can it work?
> Any advice is highly appreciated!Thanks a lot!
>
>
>
>
> ¡¡¡¡Regards.
>
>
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡swcims
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡swcims at 163.com
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡2004-06-01
>



More information about the Users mailing list