ipsec before nat ??? need to know: ipsec v1.91
[A] private networks ================ ^ | v dcd nat/masq ipsec === t-1 | v internet ======== | v cisco router ============ ^ | v [B] dicom black box =============== mixed networks [C] Required: Transfer medical images through one-way ipsec tunnel from [A] to [B]. [D] Required: Cisco router *WILL NOT* route private (rfc 1918) addresses inside network [B]. [E] T1 on side [A] has one (1) /32 network [Z]. [F] ISP on side [A] also routes one (1) public /28 network [Y] that is _different_ from T1 network. Therefore, ip alias and dmz are options. [G] Manager of [B] wants to see [Z] at [B]; but, if requirements are now exhaustive, then [Y] should also be acceptable. [H] FreeS/WAN site indicates that this is possible: <http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/HowTo.html#nat_bad> Notice that the links is dead ;< [I] Searching their list archives turns up references to nat-traversal; but, that is not supported in v1.91 -- is it? <http://lists.freeswan.org/pipermail/users/> How have you accomplished this feat? What pointers can you point out to me? What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html