[82202] in North American Network Operators' Group
Re: mh (RE: OMB: IPv6 by June 2008)
daemon@ATHENA.MIT.EDU (Crist Clark)
Fri Jul 8 17:21:07 2005
Date: Fri, 08 Jul 2005 14:20:33 -0700
From: Crist Clark <crist.clark@globalstar.com>
In-reply-to: <0d9f3b938ce3e5ce1827a53152971837@cisco.com>
To: Fred Baker <fred@cisco.com>
Cc: "Jay R. Ashworth" <jra@baylink.com>, nanog@merit.edu
Reply-To: crist.clark@globalstar.com
Errors-To: owner-nanog@merit.edu
Fred Baker wrote:
[snip]
> A NAT, in that context, is a stateful firewall that changes the
> addresses, which means that the end station cannot use IPSEC to
> ensure that it is still talking with the same system on the outside.
[snip]
No, you can't use AH, but yes, you can use IPsec through NAT. See RFC3947
and RFC3948. But it is not pretty.
--
Crist J. Clark crist.clark@globalstar.com
Globalstar Communications (408) 933-4387
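
The point made in the reply above (AH cannot survive a NAT, ESP can, with RFC 3947 detection and RFC 3948 UDP encapsulation), as an added example that is not part of the original message. It is a simplified model: the packet dicts, key, cookies and addresses are constructed, only the address fields of the IP header are fed to the AH check, and SHA-1 stands in for the negotiated hash.

```python
import hashlib
import hmac
import socket
import struct

KEY = b"constructed-demo-key"   # constructed SA key, illustration only

def mac96(data, key=KEY):
    """HMAC-SHA1-96, the truncated ICV form used by AH and ESP."""
    return hmac.new(key, data, hashlib.sha1).digest()[:12]

def ah_input(pkt):
    # Simplified: AH's ICV covers the immutable IP header fields, which
    # include both addresses, plus the payload.
    return socket.inet_aton(pkt["src"]) + socket.inet_aton(pkt["dst"]) + pkt["body"]

def esp_input(pkt):
    # ESP's ICV covers only the SPI, sequence number and payload data.
    return struct.pack("!II", pkt["spi"], pkt["seq"]) + pkt["body"]

def nat(pkt, public_ip, public_port):
    """Model of a source NAT: rewrites source address and port, nothing else."""
    return dict(pkt, src=public_ip, sport=public_port)

def nat_d(cky_i, cky_r, ip, port):
    """RFC 3947 NAT-D payload: HASH(CKY-I | CKY-R | IP | Port)."""
    return hashlib.sha1(cky_i + cky_r + socket.inet_aton(ip)
                        + struct.pack("!H", port)).digest()

def udp_encap(esp_bytes, sport=4500, dport=4500):
    """RFC 3948: ESP carried behind a UDP header with a zero checksum."""
    return struct.pack("!HHHH", sport, dport, 8 + len(esp_bytes), 0) + esp_bytes

def demo():
    cky_i, cky_r = bytes(range(8)), bytes(range(8, 16))   # constructed cookies
    sent = {"src": "10.0.0.5", "sport": 500, "dst": "198.51.100.7",
            "spi": 0x1001, "seq": 1, "body": b"constructed payload"}
    ah_icv, esp_icv = mac96(ah_input(sent)), mac96(esp_input(sent))
    claimed = nat_d(cky_i, cky_r, sent["src"], sent["sport"])
    seen = nat(sent, "192.0.2.1", 1024)   # what the peer receives
    return {
        "ah_valid": hmac.compare_digest(ah_icv, mac96(ah_input(seen))),
        "esp_valid": hmac.compare_digest(esp_icv, mac96(esp_input(seen))),
        "nat_detected": claimed != nat_d(cky_i, cky_r, seen["src"], seen["sport"]),
        "encap_len": len(udp_encap(esp_input(seen) + esp_icv)),
    }
```

The source-address rewrite invalidates the AH check while the ESP check still passes, and the NAT-D hash mismatch is what tells the peers to switch to UDP encapsulation on port 4500.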