> unfortunately, even with the above setup it doesn't work. it is just
> impossible for IPsec to work with NAT, *by nature*.

I'm sure I don't understand all implications, but in the situation discussed here, couldn't he just run a (i.e. GRE) tunnel between the two "public" addresses and use IPsec on the inside tunnel traffic?

Martin