[Openswan Users] Openswan and NAT

John A. Sullivan III jsullivan at opensourcedevel.com
Wed Aug 10 09:33:05 CEST 2005


We've done that quite successfully in the ISCS project
(http://iscs.sourceforge.net). In fact, we even create internal NAT to
temporarily resolve internal IP addressing conflicts with the click of a
button and a few key strokes.

One does need to be careful where one NATs in the process and which
traffic is NAT'd and there are the inevitable DNS issues.

What in particular concerns you? - John

On Wed, 2005-08-10 at 06:45 -0500, Andr?Calder?aramillo wrote:
> Thanks John,
> 
> I am configuring IPSEC gateway and NAT on the same sever.
> 
> Oscarc
> 
> ----- Mensaje original -----
> De: "John A. Sullivan III" <jsullivan at opensourcedevel.com>
> Fecha: Martes, Agosto 9, 2005 10:15 pm
> Asunto: Re: [Openswan Users] Openswan and NAT
> 
> > On Tue, 2005-08-09 at 22:07 -0500, Oscar Calderon wrote:
> > > Hello everybody,
> > >  
> > > How can I to configure a machine as IPSEC server and NAT using
> > > SuSeFirewall 2?
> > >  
> > <snip>
> > I'm not sure what you mean.  Are you concerned about running a NAT
> > gateway and IPSec on the same device? Are you concerned about 
> > running an
> > IPSec gateway behind a NAT gateway?
> > 
> > There are some slightly dated training slide shows on using iptables,
> > openswan and iproute2 in the training section of
> > http://iscs.sourceforge.net.  Perhaps they may be of some help to 
> > you -
> > John
> > > 
> > -- 
> > John A. Sullivan III
> > Open Source Development Corporation
> > +1 207-985-7880
> > jsullivan at opensourcedevel.com
> > 
> > Financially sustainable open source development
> > http://www.opensourcedevel.com
> > 
> > 
> 
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

Financially sustainable open source development
http://www.opensourcedevel.com



More information about the Users mailing list