Blaz Zupan wrote:
> > The client sends the rouer a tunneled packet (ip header, esp
> > protocol) just fine. Using "tcpdump -n", I noticed that my ESP packets
> > are not being translated. All other packets are translated just fine
> > (included IKE exchanges; web access to my cable provider,
> > www.freebsd.org etc.) The IP packets with protocol of ESP results in
> > my private subnet (172.16.x.x) still being in the IP source address
> > field.
>
> IPSec and NAT don't play together
I've set other pepole up (granted with comercial products) to do this very
thing just fine.
I'm not using AH, just ESP, so nat'ing the IP address of the outer header
will not break anything.
MikeC
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
