[Openswan Users] Net-after-IPSec
Christian Tardif
christian.tardif at servinfo.ca
Thu Sep 30 00:52:46 CEST 2004
On Wed, 2004-09-29 at 19:05, Jacco de Leeuw wrote:
> This post by Clive A Stubbings may be helpful:
> http://lists.openswan.org/pipermail/users/2004-August/001954.html
I've seen this post regarding patches to apply in order to get a working
NAT-after-IPSec.... The patches have been applied, and the kernel has
been compiled with no errors. But then, my question is still on the
table.
> You mean you are using L2TP/IPsec? You don't have to. You
> can use plain IPsec if you are willing to set up Panther's
> racoon configuration manually, but you can also install a
> third-party application that does it for you.
Plain IPsec has its limitations. For example, you won't be able to get
your way to a second (after the recorded subnet in IPsec config) subnet
(or am I misunderstanding something ?). And since I won't always have
control over the Panther machine on the other end, I must stay the
nearest standard possible.
> See also:
> http://wiki.openswan.org/index.php/InteroperatingMac
I'll keep an eye on it, but I think I still need to use L2TP...
Other cues ?
Thanks you all....
--
Christian Tardif
ServInfo
Tél: 514.237.6332
christian.tardif at servinfo.ca
More information about the Users
mailing list