Hie, I would've tried something different if I had the possibility to choose. This is a solution chosen by the company I work for. Are you sure about that IPSec can't be NATed? NAT-T is kind of meant to handle just that. Also, my colleagues have no trouble through e.g. D-Link routers. The ISAKMP part NATs just fine... Regards, /Ola Michael Gale <michael.gale@xxxxxxxxxxxxx> writes: > Hello, > > You can not NAT ESP (protocol 50) traffic. Some IPSEC clients > and servers support NATing but I believe this requires special > implementation on the client and server end. > > If you want to NAT a VPN tunnel I suggest you try a SSL base > VPN. OpenVPN works well, you could also try TCP or UDP encapsulation > to help get around the NAT issue. > > Michael. -- /Ola Nilsson
