Blaz Zupan wrote:
> > > IPSec and NAT don't play together
> >
> > I've set other pepole up (granted with comercial products) to do this very
> > thing just fine.
> >
> > I'm not using AH, just ESP, so nat'ing the IP address of the outer header
> > will not break anything.
>
> Ok, let me rephrase it. IPSec and NAT don't play together on FreeBSD. natd
> does not know how to masqeurade ESP packets.
Do you know if this is the case "in general" or just with ipfw/natd? (i.e.
does ipfilter also have the problem?)
I noticed that 4.2-Release helped one person get at least one tunnel through
ipfw/natd (see:
http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=569112+572471+/usr/local/www/db/text/2000/freebsd-questions/20001217.freebsd-questions
)
When I upgrade to 4.2-Release, I'll try again :-)
MikeC
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
