[strongSwan] [Strongswan] IPSec with NAT

SaRaVanAn saravanan.nagarajan87 at gmail.com
Fri Jul 20 09:05:52 CEST 2012


Hi ,
   Any help on the below query?

Regards,
Saravanan N

On Mon, Jul 16, 2012 at 12:03 AM, SaRaVanAn <saravanan.nagarajan87 at gmail.com
> wrote:

>
> Hi Friends
>
> I m a newbie to IPSec in Strongswan. I got a basic doubt below.  I need
> experts Guidance
>
> My topology is like
> Tunnel has been formed between R1 and R2.
>
> 10.2.2.2 ---------------- R1 (172.31.114.226)(Moon)
> ---------------------R2(Carol)(172.31.114.227)
>                                      eth0
>
> (Strongswan)                                           (Strongswan)
>
> NAT has been applied on egress interface of R1. (eth0)
>
> Suppose my SPD is like  10.2.2.2/32 ---------------- 172.31.114.227,
> encryption is not happening, because NAT has been applied before
> encryption.
>
> So what I need to do, If I want to encrypt packets from 10.2.2.2 to
> 172.31.114.227, without removing dynamic NAT. Because in real time
> scenario, NAT should be applied for private to public IP translation.
> I have not found any configurations for this in Strongswan.
>
> Please provide your inputs on this.
>
> Regards,
> Saravanan N
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120720/6934b656/attachment.html>


More information about the Users mailing list