If I understood John correctly he is wanting to use his Linux IPSec firewall / NAT router as one end of the IPSec VPN tunnel. If that is indeed the case then yes Linux can be configured to do so. You will need to look at FreeS/WAN (dyeing / defunct (as I know it)) and / or OpenS/WAN (alive and kicking very strongly). There are some interoprability incompatabilities between different IPSec implementations between FreeS/WAN / OpenS/WAN and other vendor's IPSec VPN products. I personaly know that I have gotten OpenS/WAN (version unknown at the moment) to work with Linksys BFEVP41 (first version) routers as long as I keep a ping flowing through the VPN. Grant. . . . > As far as I know, you would not need anything on the Linux box. > > It will all depend on whether the clients and server IPSEC implementation > support IPSEC NAT T(raversal). > > Microsofts IPSEC implementation does. But has some drawbacks.