forceencaps=~[yes|no]
Availability: Openswan 2.2.0dr2 and above.
Default: no
The option forces the use of ESP in UDP encapsulation, which is part of the NAT-T IETF Drafts and RFCs. Both sides must support NAT Traversal for this to work, or the connection will fail. This option is only needed on 1 side of the connection, as the other side will respect the request for ESP in UDP encapsulation.
When set to yes, the local side will modify the proposals to request ESP in UDP encapsulation, even if NAT is not detected. This is useful to bypass firewalls that are blocking the ESP protocol.
