From: Sam Sgro (sam_at_freeswan.org)
Date: Wed Nov 27 2002 - 05:27:30 CET
-----BEGIN PGP SIGNED MESSAGE-----
On 26 Nov 2002, Ad Koster wrote:
> According to the FreeSWan documentation several limitations do exist
> concerning NAT-ed connections/FreeSwan.
>
> Is this a FreeSwan-only problem or an IPSEC limitation in general??
This is a general IPSec limitation; it wasn't built with NAT in mind.
NAT-Traversal - encapuslating ESP packets in UDP - was designed to overcome
this limitation.
> For example: is it possible to set up a connection using SSH Sentinel
> behind a 3Com OfficeConnect gateway to another gateway running FreeSwan?
Yes; the easiest way is to use FreeS/WAN patched with NAT-traversal, as SSH
Sentinel supports it. Check open-source.arkoon.net or www.freeswan.ca for more
information.
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPeRJs0OSC4btEQUtAQHiAgP+ITHmwStHEn0M5RldYwuWslz47EJNSmzz
zOVYVs2v336Nd75k5Je3qM9j+F2Avxt5Z2IYVnmilCu0dwfTuT326NPqA8+cT15V
nTyccJ3x5UZhXSGtvbvs6eOp1CUQE4DE/XH0mW0akKbaWKeBYzaO7TdaW/F7pc0W
iCLm1EICmdk=
=n7cu
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Nov 28 2002 - 05:20:52 CET