[Openswan Users] leftprotoport=17/1701 and non-UDP traffic

GuillermoOntañón gontanon at pandasoftware.es
Mon Jan 9 18:20:37 CET 2006

Hi Paul and thanks for the quick answer,

On Mon, 2006-01-09 at 17:00 +0100, Paul Wouters wrote:
> > So I guess that either I'm doing something wrong or it's not possible to
> > route udp/1701 packets through ipsec0 and all other packets through
> > eth0.
> If you really want it, and I do not know why you'd want it, you can
> add a "passthrough" route:

correct me if i'm wrong but, wouldn't this behaviour (without the
passthrough conn) prevent any other machine behind a NAT from
communicating with the IPSec gateway once a roadwarrior behind that NAT
device has established an IPSec tunnel?

Guillermo Ontañón <gontanon at pandasoftware.es>

More information about the Users mailing list