[Openswan Users] Net-after-IPSec

Christian Tardif christian.tardif at servinfo.ca
Thu Sep 30 00:52:46 CEST 2004

On Wed, 2004-09-29 at 19:05, Jacco de Leeuw wrote:

> This post by Clive A Stubbings may be helpful:
> http://lists.openswan.org/pipermail/users/2004-August/001954.html

I've seen this post regarding patches to apply in order to get a working
NAT-after-IPSec....  The patches have been applied, and the kernel has
been compiled with no errors. But then, my question is still on the

> You mean you are using L2TP/IPsec? You don't have to. You
> can use plain IPsec if you are willing to set up Panther's
> racoon configuration manually, but you can also install a
> third-party application that does it for you.

Plain IPsec has its limitations. For example, you won't be able to get
your way to a second (after the recorded subnet in IPsec config) subnet
(or am I misunderstanding something ?). And since I won't always have
control over the Panther machine on the other end, I must stay the
nearest standard possible.

> See also:
> http://wiki.openswan.org/index.php/InteroperatingMac

I'll keep an eye on it, but I think I still need to use L2TP...

Other cues ?

Thanks you all....

Christian Tardif
Tél: 514.237.6332
christian.tardif at servinfo.ca

More information about the Users mailing list