kernel 2.6 ipsec and DNAT

Michael Leun netfilter at
Thu Sep 16 07:25:27 CEST 2004


On Mon, 13 Sep 2004 12:29:56 +0200
"Brent Clark" <bclark at> wrote:

> >Hi all,
> >i have recently discovered on the list that more people is suffering
> >the nat problem with ipsec vpn tunnels on 2.6.x kernels, does anyone
> >know if its fixed on ??
> >The unique way i found to bypass the nat problem is using a proxy
> >server(squid), not the best solution but for now im able to surf the
> >web .-)

> But why would nat a vpn tunnel be a problem.
> Are there certain requirement for creating tunnel.
> Can the vpn server \ client be on the same box as the iptables
> gateway\router\firewall.

I've a notebook, running linux of course and I have an vpn tunnel. There
are sometimes some jobs which require windows, because there is no such
software for linux - then I run windows in vmware and need, of course
linux to forward the packets from vmware through the tunnel.

I would really appreciate to see this fixed soon.


Michael Leun

More information about the netfilter mailing list