[Openswan Users] NAT-T

Oliver Tomkins oliver.tomkins at alliedvehicles.co.uk
Thu Mar 23 09:39:21 CET 2006

Hello all,

The scope of our VPN project has altered that now we have to accept 
connections from users behind routers therefore I have a few questions 
about NAT-T that I've either not been able to find answers to or am not 
sure that the answers I've found are correct.   I've read a few times on 
here about the wiki and other documentation being out of date.

1) We're using the 2.6.15-1.1833_FC4 kernel.  Am I correct in thinking 
that the NAT-T patch is already applied to this kernel?

2) As NAT-T is enabled globally in the ipsec.conf am I correct in 
thinking this will not have an effect on the clients connecting from non 
NAT sources.

3) All our existing non NAT clients connect with type=transport which 
has security implications with NAT-T. Is this only for the clients 
connecting from behind a NAT router?

Many Thanks,


The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. If you are not the intended recipient, please notify the sender immediately by reply e-mail and delete this message. Allied Vehicles cannot accept any responsibility for the accuracy or completeness of this message as it has been transmitted over a public network.
For details of our products and services please visit our website at www.alliedvehicles.co.uk

More information about the Users mailing list