On Thu, 13 Apr 2006, Kelly Yancey wrote:

> I'm curious: how are you performing NAT on your tunnelled traffic?

The answer is simple: do not NAT on the ipsec interface, though it's
not fully correct because I do even NAT traffic that goes like:

A ---- lan1(ipsec only) --- gw(NAT) --- lan2(ipsec only) ---- B

[ipsec only == esp and ike allowed]

So the better explanation perhaps is:
do not NAT on the ipsec interface of the outgoing direction.

--
Bjoern A. Zeeb                          bzeeb at Zabbadoz dot NeT
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net