Hi, > 1). public node can create IPsec connection with 2 or more private nodes > behind NAT?
Sure. > 2). IPv6 behind NAT? > https://lists.libreswan.org/pipermail/swan/2018/002489.html shows > that libreswan does NOT support it because "Linux does not yet have > support for IPv6-ESP-in-UDP encapsulation". > I am not sure whether https://wiki.strongswan.org/issues/939 is > fixed or not. It was posted 3 years ago. It's still open, so why would you think it's fixed? And the reason is still the same: the Linux kernel currently does not support UDP encapsulation for IPv6. Regards, Tobias
