Re: [ossig] Re: [myoss] Linux kernel IP stack, 7-layer OSI cake and SNAT shenanigans

[cdemarco@xxxxxxxxxxx]

On Thu, Nov 04, 2004 at 09:17:54AM +0100, SianLun Lau wrote:

> 10.254.254.0/24 --- 192.168.1.1 - 192.168.15.1 --- 172.16.25.0/24
> 
> subnet A                IPSEC GW1   IPSEC GW2     subnet B
> 
> between gW1 and gw2 is the Internet. something like that? 

Correct-a-mundo!


> as long  as  the packet  after  encapsulation  is not modified,  the

Right.  So my question still  stands: is it  possible (and if so, how)
to do this NAT-outside-VPN  on *ONE_BOX*?  I  can do it with  two, but
I'd like to try with only one.



-- 
% You are in a maze of twisty passages, all alike.
Christopher DeMarco <cdemarco@fastmail.fm>          
PGP public key ID 0x2E76CF5C @ pgp.mit.edu
+6012 232 2106


---------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message