On Mon, Feb 16, 2009 at 05:12:34PM -0800, Hao Wu wrote: > If we configure NAT and IPsec on the same system. an incoming packets > undergoes IPsec or NAT first in Solaris? If NAT first, some policy NAT > rules incluing TCP/UDP port will not be applied.
NAT is first on inbound, and last on outbound. You are correct about the
rules, BTW. But IPsec NAT-traversal does work (even in transport mode).
Dan
_______________________________________________
networking-discuss mailing list
[email protected]
