The short answer to your question is yes. I don't use NATD I use IPNAT but I am sure the theories are the same. I found that the challenge was to get the port forwarding right. It also makes using dynamic addresses internally a challenge but I cheated and used statics instead.
Then again after reading your mail again I am not sure that I completely understand what type of tunnel you are wanting to use. If it is a cisco vpn client you are using then nothing really special needs to be done except to ensure that the return traffic gets redirected properly. If it is the M$ PPTP implementation that is a bit more tricky as you need to ensure that you get inbound traffic on 1723 redirected to your internal machine. If your company uses a neat IPSec implementation then it should be possible with the co-operation of your companies firewall admin to set up the gateway to have an IPSec tunnel to the office and all packets destined for company's network ie 10.0.10.0 routed along the gif interface ( read man gif ) and all other traffic via the normal net. HTH LukeK On Sun, 19 Oct 2003 00:10:11 +0000 [EMAIL PROTECTED] granted us these pearls of wisdom: > Is it possible for FBSD's nat daemon to route IPSEC traffic properly? What I am > trying to do is use my FBSD gateway that already NAT's my dsl connection to allow me > to use a IPSEC VPN client to connect to my company's network. I have been through > the howto's, and forums, but I am not certain that it can do what I need it to do. > > > Thanks, > Casey > > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"