On 21/02/10 13:57, Robert wrote:
Hi again,Seems I missed this part in ipsec.conf: mode For ESP and AH the encapsulation mode can be specified. Possible modes are tunnel and transport. When left out, tunnel is chosen. Since I obviously want transport mode for host-host I changed psec.conf:
ESP can also run in tunnel mode for host-host ipsec. Actually ESP in transport mode is not recommended (at least not if you don't combine it with authentication). regards, Giannis
