Subject: Re: ipsec and ipnat.
To: Reinoud <Reinoud.Koornstra@ibb.net>
From: None <itojun@iijlab.net>
List: tech-net
Date: 07/30/2000 23:02:37
>Ipsec works fine between machines who support it and which are set up
>properly. But when i am comming from an internal network where ipnat or
>nat is done by cisco, then ipsec of doesnt work anymore. Certainly not
>when this is the same when you're talking to a machine on another network
>which also runs behind a nat machine. Is there a way to make this work?
>Or would it require that the routers use nat and the internal traffic
>doesnt? Then the prob is that the other network i am talking to uses
>cisco routers. I dont know if cisco can do ipsec.
>Any suggestions in this? Right now i am using it just between machines
>which do not stand behind a nat machine and seems to work fine :)
>Bye,

	ipsec does not work with nat, at all.  they have very conflicting
	goals. (nat wants to look at/rewrite payload, ipsec tries to 
	encrypt payload and detect the rewrite of payload)

itojun