[Ipsec-tools-users] Re: [Openswan Users] nat_traversal in manual
keying ?
Paul Wouters
paul at xelerance.com
Fri Mar 3 00:09:22 CET 2006
On Thu, 2 Mar 2006, Pjothi wrote:
> The feedback from Paul was very useful. But am looking at a very simple
> scenario without a DNS. I just need to enable setkey to "udp encapsulate
> packets" irrespective of the presence of a NAT in between. In the lab
> scenario where I am trying to implement, I just want two systems to be IPSec
> protected, but also UDP encapsulated. (Basically forcing it).
Openswan supports force_encaps=yes on a per connection basis, which fakes
the NAT detection, and thereby forces the other end to use encapsulation
as well.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list