[Openswan Users] NAT-T and ipsec.conf
paul at xelerance.com
Wed Sep 1 11:10:18 CEST 2004
On Wed, 1 Sep 2004, Dave Harrison wrote:
[ NAT-T lab setup ]
> My ipsec.conf looks like this :
> config setip
> ... (default stuff)
You either need a virtual_private= line here, or you need to
have a *subnetwithin= statement.
> conn example
You cannot really test out NAT-T with a %direct connection. You actually
*have* to NAT the packets, and you cannot do that on the gateways itself.
More information about the Users