Iptables, nat, and IPSec
drbeach at rogers.com
Thu Apr 7 00:42:38 CEST 2005
> So you have to activate on your clients the NAT-T "feature" and be sure
the other side supports it too.
Okay, so if I understand correctly it's a matter of configuring both sides
of the IPSec connection in accordance with their NAT-Traversal settings, and
any intermediate NATting device is blissfully oblivious.
So, clearly, my next step is to figure out if Nortel's Contivity server and
client software support NAT-Traversal, and I can stop looking at my iptables
box and router.
More information about the netfilter