[strongSwan] [Strongswan] IPSec with NAT

SaRaVanAn saravanan.nagarajan87 at gmail.com
Sun Jul 15 20:33:52 CEST 2012

Hi Friends

I m a newbie to IPSec in Strongswan. I got a basic doubt below.  I need
experts Guidance

My topology is like
Tunnel has been formed between R1 and R2. ---------------- R1 (

(Strongswan)                                           (Strongswan)

NAT has been applied on egress interface of R1. (eth0)

Suppose my SPD is like ----------------,
encryption is not happening, because NAT has been applied before

So what I need to do, If I want to encrypt packets from to, without removing dynamic NAT. Because in real time
scenario, NAT should be applied for private to public IP translation.
I have not found any configurations for this in Strongswan.

Please provide your inputs on this.

Saravanan N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120715/c14e92ac/attachment.html>

More information about the Users mailing list