From owner-freebsd-pf@FreeBSD.ORG  Tue Apr 24 13:31:11 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id E36E116A402
	for <freebsd-pf@freebsd.org>; Tue, 24 Apr 2007 13:31:11 +0000 (UTC)
	(envelope-from jmok@attglobal.net)
Received: from eoemailadmin.pacific.net.hk (eoemailadmin.pacific.net.hk
	[202.14.67.94])
	by mx1.freebsd.org (Postfix) with ESMTP id 69F7F13C45A
	for <freebsd-pf@freebsd.org>; Tue, 24 Apr 2007 13:31:11 +0000 (UTC)
	(envelope-from jmok@attglobal.net)
Received: from cwb.pacific.net.hk (cwb.pacific.net.hk [202.14.67.92])
	by eoemailadmin.pacific.net.hk with ESMTP
	id l3OChXxm013457 for <freebsd-pf@freebsd.org>;
	Tue, 24 Apr 2007 20:43:33 +0800
Received: from [192.168.16.50] ([210.17.159.154])
	by cwb.pacific.net.hk with ESMTP
	id l3OChUs3031510 for <freebsd-pf@freebsd.org>;
	Tue, 24 Apr 2007 20:43:31 +0800
Message-ID: <462DFB71.5050003@attglobal.net>
Date: Tue, 24 Apr 2007 20:43:29 +0800
From: John Mok <jmok@attglobal.net>
User-Agent: Thunderbird 1.5.0.10 (Windows/20070221)
MIME-Version: 1.0
To: freebsd-pf@freebsd.org
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: NAT-T support in FreeBSD + PF
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Apr 2007 13:31:12 -0000

Hi,

I would like to build a NAT firewall box using FreeBSD + PF at work.
However, I hope someone could advise if PF could support NAT-T, such 
that the IPSec client connections (e.g. a visitor notebook with IPSec 
client) inside the company Intranet could successfully connect passing 
through the NAT box to the Internet IPSec gateway (e.g. the home network 
of a visitor) .

Thanks a lot.

John Mok