Hi, On Sun, Jul 11, 2004 at 01:25:31PM -0500, J Moore wrote: > > it's the nature of the protocol. Use nat-t and you should not have any > > problem... > > > > I've looked through the pf user's guide, and can't find anything on > "nat-t"... How is nat-t accomplished in OBSD's pf?
NAT-T is a feature to support IPsec tunnels between a VPN client and a gateway if IP flows are translated. Hakan Olson has added recently NAT-T support in OpenBSD-current : - ESP in UDP encapsulation in kernel - NAT-T negociation in IKE messages for isakmpd daemon If you want use it, upgrade your system to -current and use a VPN client compatible with NAT-Traversal. In PF conf, you must allow incoming connections on UDP ports 500 and 4500. A++ Foxy -- Laurent Cheylus <[EMAIL PROTECTED]> OpenPGP ID 0x5B766EC2
