On Wednesday 14 January 2004 12:19 am, mukesh Kumar wrote:
> Hi All,
>
> I am trying to extend conntrack/NAT to allow multiple IPsec(ESP)
> tunnels to pass through.
I'm not sure I understand why you need to "extend" it.
> The purpose is to allow multiple lan clients to have sessions with the
> same server.
This is possible anyway. Standard connection tracking distinguishes
independent connections by source & destination IP address (and also source &
destination port in the case of TCP / UDP), therefore so long as at least one
of the addresses involved in each connection is unique you should have no
problem supporting mutliple sessions. You say you wish multiple clients to
access one server - the clients will all have different IP addresses,
therefore they will be treated as independent connections.
Regards,
Antony
--
Anyone that's normal doesn't really achieve much.
- Mark Blair, Australian rocket engineer
Please reply to the list;
please don't CC me.
