Subject: Re: IPSec/NAT forwarding
To: Herb Singleton <hsingleton@mac.com>
From: Bill Studenmund <wrstuden@zembu.com>
List: port-mac68k
Date: 03/08/2001 12:38:51
On Wed, 7 Mar 2001, Herb Singleton wrote:
> On Tue, 6 Mar 2001, Herb Singleton wrote:
>
> > Has anyone had any luck forwarding IPsec packets
> > through IP NAT?
>
> > Any ideas if/how to configure IPNAT rules to allow
> > these connections through? I am
> > currently using Erik Winkler's ipf.conf (with a few
> > modifications).
>
> I am going to answer my own question for the
> sake of the archives and newbies:
>
> Assuming the IPsec tunnel is using esp packets (AH
> packets will never work through NAT) put the following
> line in your ipnat.conf file:
>
> rdr sn0 0/0 port 0 -> your.internal.ip.address port 0 esp
>
> This line redirects all esp packets to a specific host in
> your internal network. The downside is that this only works
> for a single internal address.

How exactly are you tunneling your VPN around?

Take care,
Bill