[Openswan Users] overlapping networks with nat-t
Jacco de Leeuw
jacco2 at dds.nl
Thu Jan 19 16:06:15 CET 2006
Marco Berizzi wrote:
>> though. This will be very hard using netkey.
> Not now. Patrick McHardy patches has been in the
> mainline kernel since 2.6.15-git5. With a recent
> iptables snapshot version there is a new 'policy
> match' which allow very granual control over ipsec
> packets. For anyone who is interested see:
Which of Patrick McHardy's patches are in 2.6.15-git? These?
Does this mean you will be able to run tcpdump and only see
the unencrypted packets and/or NAT these packets to an (L2TP)
server on another interface?
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users