[strongSwan] [Strongswan] IPSec with NAT

SaRaVanAn saravanan.nagarajan87 at gmail.com
Sun Jul 15 20:33:52 CEST 2012


Hi Friends

I m a newbie to IPSec in Strongswan. I got a basic doubt below.  I need
experts Guidance

My topology is like
Tunnel has been formed between R1 and R2.

10.2.2.2 ---------------- R1 (172.31.114.226)(Moon)
---------------------R2(Carol)(172.31.114.227)
                                     eth0

(Strongswan)                                           (Strongswan)

NAT has been applied on egress interface of R1. (eth0)

Suppose my SPD is like  10.2.2.2/32 ---------------- 172.31.114.227,
encryption is not happening, because NAT has been applied before
encryption.

So what I need to do, If I want to encrypt packets from 10.2.2.2 to
172.31.114.227, without removing dynamic NAT. Because in real time
scenario, NAT should be applied for private to public IP translation.
I have not found any configurations for this in Strongswan.

Please provide your inputs on this.

Regards,
Saravanan N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120715/c14e92ac/attachment.html>


More information about the Users mailing list