Jean-François JOLY wrote: > > Hello all, > I'm currently working on VPNs, I just wonder if it's possible to set up an > Ipsec > server behind a Linux FireWall. The question is: is the Linux Kernel able to > forward IP protocols (AH+IKE if I remember well ...) he don't understand ? Yes, this is possible. E.g. with for 'ipchains' command, the '-p' (protocol) option also understands numeric protocol numbers, thus you can specify forwarding rules for protocols that are not known to the kernel. There is also a kernel patch that allows masquerading of IPSec at ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html
best greets, Rene
