[Openswan Users]

Cameron Davidson cam73 at aanet.com.au
Sun Jul 23 14:43:40 CEST 2006

Greg Scott wrote:
> lots of dumps.

It looks like you are doing NAT of the icmp, so by the time it gets to
the output the source IP does not match the encryption policy.
You will need to explicitly exclude that traffic from your NAT rules.
This is yet another place where netkey makes it a bit harder to do that


More information about the Users mailing list