Hi,

Is it possible to let ipsec (esp in tunnel mode in this case) on a natting
machine take place after nat has been done?
The only other way would be not to have the tcp header being encrypted by
esp if there exists such an implementation at all cause i didnt see rfc
2406 state something about that at all.
Bye,

Mipam.