NAT Transversal. This is a compile time option and can be found in the racoon.conf once it is
compiled in. Here is the excerpt from the racoon.conf man page.
nat_traversal (on | off | force);
This directive enables use of the NAT-Traversal IPsec
extension (NAT-T). NAT-T allows one or both peers to
reside behind a NAT gateway (i.e., doing address- or
port-translation). Presence of NAT gateways along the
path is discovered during phase 1 handshake and if found,
NAT-T is negotiated. When NAT-T is in charge, all ESP
and AH packets of a given connection are encapsulated
into UDP datagrams (port 4500, by default). Possible
on NAT-T is used when a NAT gateway is detected
between the peers.
off NAT-T is not proposed/accepted. This is the
force NAT-T is used regardless if a NAT is detected
between the peers or not.
Please note that NAT-T support is a compile-time option.
Although it is enabled in the source distribution by
default, it may not be available in your particular
build. In that case you will get a warning when using
any NAT-T related config options.
This is all that is missing for me to use m0n0wall. It is a REALLY cool product.
Yahoo! Music Unlimited - Access over 1 million songs. Try it free.