Way back in the 2.0.18 kernel, there was an IPsec connection tracking module that would allow me to masquerade multiple IPsec clients (e.g. Cisco VPN client) all going to the same remote IPsec server onto one external IP address. This was done with the IPsec connection module + ipmasqadm + ipchains.

I have never been able to get the above to work on iptables. In the early days of iptables, I also noticed there was no IPsec conntrack module.

If I have only 1 external IP address on my firewall/gateway to SNAT to, is there a way to support multiple IPsec clients on my internal LAN all establishing IPsec connections to the same destination IPsec server?

Any pointer will be appreciated.

Thanks,
Patrick