[Openswan Users] NAT-T and ipsec.conf
Brent Clark
bclark at rocketseed.us
Wed Sep 1 11:23:42 CEST 2004
>You cannot really test out NAT-T with a %direct connection. You actually
>*have* to NAT the packets, and you cannot do that on the gateways itself.
>
>Paul
Hi
im pretty clueless on vpns etc, still learning it all.
Cant you put the one vpn on a different nic and subnet
Therefore it will be like
+-----+ +-----------+ +----+
| 1 |192.168.x.a FW NIC eth0 <---- | Firewall | -----> FW NIC eth1
10.x.t.u | 2 |
+-----+ +-----------+ +----+
please excuse the mis-allignment of the ascii art.
Kind Regards
Brent Clark
More information about the Users
mailing list