[ previous ] [ next ] [ threads ]
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] ESP
 Date:  Tue, 25 Jul 2006 14:17:25 -0400
On 7/25/06, Hubert Ulliac <Hubert dot Ulliac at uhb dot fr> wrote:
> Bonjour,
> I want to reach a vpn ipsec on my intranet behind m0n0wall.
> I can define NAT inbound rules (ISAKMP 500/UDP) for this server but i
> don't see anything for protocol ESP.

You can't inbound NAT ESP on m0n0wall.  In order to use IPsec on
something behind m0n0wall using NAT, you have to 1:1 NAT that host.
That's a limitation of the NAT software used in m0n0wall.