On Tue, 21 Oct 2008, [EMAIL PROTECTED] wrote: > Joseph Mack NA3T wrote: >> If this is correct, I'm stumped. The next approach might be >> to do tcpdumps to see what's happening. >> > > Wouldn't the IPsec mode play a role in whether it works through > NAT or not? AH for instance will not work though NAT and ESP > may or may not depending on how smart the end devices are. I > have always tried to avoid NAT while doing any type of IPsec.
I've not setup ipsec, but when you use it with LVS, you should be decrypting the packets before they arrive at the director, presumably at the INPUT chain, or ipsec/LVS wouldn't work at all. Joe -- Joseph Mack NA3T EME(B,D), FM05lw North Carolina jmack (at) wm7d (dot) net - azimuthal equidistant map generator at http://www.wm7d.net/azproj.shtml Homepage http://www.austintek.com/ It's GNU/Linux! _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
