[Openswan Users] NAT traffic (contact_mark)

Paul Wouters paul at xelerance.com
Mon Mar 21 16:12:24 EDT 2011

On Mon, 21 Mar 2011, contact_mark at btopenworld.com wrote:

> Subject: [Openswan Users] NAT traffic (contact_mark)
> If sending NAT traffic over ipsec is considered mangling and in violation of
> ipsec why am I able to SNAT ipsec traffic using Juniper or Cisco devices but
> not on openswan?

Because they are violating RFC requirements and their own negotiated policies.
An example can be seen here:



More information about the Users mailing list