From owner-freebsd-net Fri Oct 18 7:12:23 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7678437B401; Fri, 18 Oct 2002 07:12:22 -0700 (PDT) Received: from dominion.1my.net (dominion.1my.net [202.56.152.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 44B9943E97; Fri, 18 Oct 2002 07:12:21 -0700 (PDT) (envelope-from mikechoo@opensos.net) Received: from lifebook ([219.93.84.169]) (authenticated bits=0) by dominion.1my.net (8.12.5/8.12.5) with ESMTP id g9IECCGK070737; Fri, 18 Oct 2002 22:12:17 +0800 (MYT) (envelope-from mikechoo@opensos.net) Date: Fri, 18 Oct 2002 22:11:55 +0800 From: Michael Choo X-Mailer: The Bat! (v1.60) Personal Reply-To: Michael Choo Organization: OpenSOS Sdn Bhd X-Priority: 3 (Normal) Message-ID: <4510281043.20021018221155@opensos.net> To: owner-freebsd-net@FreeBSD.ORG, Matthew Zahorik Cc: freebsd-net@FreeBSD.ORG Subject: Re[2]: IPSEC/NAT issues In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello Matthew, Friday, October 18, 2002, 9:39:51 PM, you wrote: MZ> On Fri, 18 Oct 2002, Andrew P. Lentvorski wrote: >> You cannot NAT an IPSEC packet. NAT rewrites the IP headers and the >> packet will get rejected when it reaches the other IPSEC node. MZ> Not exactly true. I use a Windows Nortel Contivity client behind NAT just MZ> fine. Yup, I use a Windows Nortel Contivity client behind a FreeBSD userland PPP NAT just fine too. -- Best regards, Michael mailto:mikechoo@opensos.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message