[strongSwan] ipsec and nat on the same linux service
liuqixing2005 at gmail.com
Tue Dec 27 17:27:13 CET 2011
I am doing the ipsec and nat on the same linux service A , which has
two ethernet cards in its two side , and there is a subnet B behind the
service A . Aslo, I am doing the ipsec and nat on the same linux service
C which is the same as service A , and there is a subnet behind the
service D. Service A and service C are connect together by eth0 of service
A and eth0 by service C .
Now I want to achieve that the PC1 in the subnet B can communicate
with eth PC2 in the subnet D ,how should I do? I found that if the packets
go through the forward chain in the netfilter of service A ,the packets
will not encode by IPSEC ,and just go out by eth0 .I hope the packet go out
from the service A must be the packets which is encode by ipsec , how
should I cnfigirate the service A and the service B?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users