[Openswan Users] netkey nat problem

Paul Wouters paul at xelerance.com
Thu Jan 21 18:20:43 EST 2010

On Thu, 21 Jan 2010, Zhiping Liu wrote:

> Thanks Paul.
> As you mentioned,I just find out iptables have a ipsec policy module,insert this rule:
> iptables -t nat -A POSTROUTING -m policy --dir out --pol ipsec -j ACCEPT
> before anything in nat postrouting.

Shouldn't that be RETURN instead of ACCEPT? Perhaps the result is the same.


More information about the Users mailing list