-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 2 Jul 2002, Paul Wouters wrote:
> See http://www.sandelman.ottawa.on.ca/linux-ipsec/html/2001/03/msg00186.html
>
> You basicly have to disable NAT for both the local ranges, so they can keep
> talking to each other (through the VPN)
Paul,
My understanding of the situation was that it is safe to NAT packets
encrypted with ESP alone - the problem lies with AH. Thus, if you're
connecting two FreeS/WAN boxes via the defaults, using ESP by default,
there should be no trouble. Is this the case, or does RL experience contradict
this?
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPSI1HUOSC4btEQUtAQEvcwQAytMUqBoKqu0hs26whhUrI1U5Twst44tu
Xj0gN40ZQe4YbztEBr2OIKFvSlCDA/S/OQerTvLNljqVmUCqj6EnGtCxF9yYKtC5
6JPzLItkkjbVFVO9Jg+CLeJE0YHPTTK/h01gAAReP5N9ep4hDS3+bxxqmoG3kMA8
nNkC80aIWIk=
=1F1C
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:18 CEST