* Schulz, Wolfgang wrote on Wed, Jun 20, 2001 at 10:22 +0200:
Is there any way to use masquerading and ipsec on the same gateway (firewall)?
Yes, but you cannot masquerade IPSec tunnels (don't mix that). If the tunnel starts on the machine which do masquerading you usally want that tunneled connections not to be masqueraded - so adapt the masqurading rules. Please note, that you must not masquerade IPSec traffic (proto 50/51).
If this is not possible with ipsec - is this maybe possible with cipe (I only know the name till now).
I guess it would, but IPSec is somewhat more platt-form independed and my choice. With SuSE 7.0/7.1 it's easy to set up IPSec, just install freeswan.rpm (well, I'm not sure if that RPM is avialable for recent kernel updates, so you may get a problem here, check FTP server), edit ipsec.conf according to the documentation and run it :) oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.