-------- Original Message --------

> Interesting stuff but nothing to do with IPsec.
> 
> IPsec ESP tunnel mode (which is what m0n0 uses normally for its IPsec tunnels) 
> consists of an IP header, that has as its payload the ESP header that in turn 
> encapsulates the original IP packet.  The original packet may contain TCP, 
> UDP, ICMP etc. - IPsec is not interested in layer 4 stuff (so far as moving 
> the packets is concerned - the policy engine is a different matter).

ESP of course!

(You can laugh and imagine my face while I realize I've written 
something stupid in my previous post)

Thank you ;-)

-- Vincent