[Openswan Users] Please confirm: kernel 2.6, openswan, iptables
+ Masquerade do not work together
Paul Wouters
paul at xelerance.com
Mon May 16 15:43:46 CEST 2005
On Mon, 16 May 2005, Markus Feilner wrote:
> Is it correct that on kernel 2.6, openswan and iptables Masquerading do
> not work together ? I read about SNAT Problems ...
> Ist there a workaroung or do I have to change the hardware ... :-(
> My IPSEC Partner wants me to do Masquerading on my ipsec connection, so
> that all traffic to his hosts seem to come from my public IP.
that's more or less correct. There are patches floating, I believe in the
SuSe kernel tree and in the netfilter patch-o-matic, that might work for
you, but it will require you running very bleeding edge 2.6 kernels.
Perhaps using a 2.4 machines with KLIPS is a better solution for you?
Paul
More information about the Users
mailing list