[strongSwan] L2TP help

Andreas Steffen andreas.steffen at strongswan.org
Thu Sep 23 08:43:45 CEST 2010

Hi Troy,

the better solution is to switch to IPsec tunnel mode (which
MS Windows allows you to do).


On 22.09.2010 21:33, Troy Telford wrote:
> On Wednesday, September 22, 2010 01:04:54 pm Andreas Steffen wrote:
>> Hello Troy,
>>> #4: NAT-Traversal: Transport mode disabled due to security concerns
>> means that the option
>>  ./configure --enable-nat-transport
>> is not active.
>> Regards
>> Andreas
> Since I'm using the debian package, I looked at the debian source pkg, and 
> found the following:
> # Could enable --enable-nat-transport, but this is actually insecure,
> # so don't!
> Is there any truth to this statement, and transport mode is a bad idea, or is 
> it outdated and something I should ask the debian package maintainer to 
> update?

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list