[Openswan Users] openswan, cisco pix and nat problem
Ole Morten
olemotor at gmail.com
Fri May 13 07:53:23 CEST 2005
Hi,
What kernel version do you use?
http://www.openswan.org/docs/local/README.Kernel26 states:
* Using SNAT and the 2.6 ipsec code apparently doesn't go well together.
Reported by Alexander Samad. Known issue for the netfilter team. DNAT
works as usual, meaning you have to exlude DNAT'ing packets meant for
a tunnel.
I do not know if this information is valid, having followed the recent
discussion regarding compression and 2.6?
I have so far not been able to make any xxxSWAN version to work together
with SNAT under any 2.6.x kernels. Using kernel 2.4.25 this works.
The Linux box talks with Nortel devices.
brgds
Ole M.
More information about the Users
mailing list