On Tue, 21 Oct 2008, kwijibo@xxxxxxxxxx wrote:
> Joseph Mack NA3T wrote:
>> If this is correct, I'm stumped. The next approach might be
>> to do tcpdumps to see what's happening.
> Wouldn't the IPsec mode play a role in whether it works through
> NAT or not? AH for instance will not work though NAT and ESP
> may or may not depending on how smart the end devices are. I
> have always tried to avoid NAT while doing any type of IPsec.
I've not setup ipsec, but when you use it with LVS, you
should be decrypting the packets before they arrive at the
director, presumably at the INPUT chain, or ipsec/LVS
wouldn't work at all.
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!