Thanks, I was pretty sure that I was on the right track.
Just for clarification: "..., and run an IPSec 'helper' module (with 2.2 kenels...I'm not sure if the 2.4 kernels work the same way) or use nat-traversal (which 'tunnels' the protocol 50 traffic across UDP)." This refers to the internal machine running the ipsec server. There is nothing that has to be added to the Bering firewall box. Right? (Basically, all the firewall sees is the UDP packet, which it just port-forwards like anything else. The NAT-traversal "patch" is applied to machines at both ends of the ipsec tunnel, not the firewall/NAT-PAT machine.) Thanks - Ted ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
