[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: bidding down attach on NAT-T
From:       Francis Dupont <Francis.Dupont () enst-bretagne ! fr>
Date:       2003-03-18 21:57:36
[Download RAW message or body]

 In your previous mail you wrote:

   IPSEC (as implemented) is a massive pain wrt NAT.
   Even if users have a choice to remove their NAT (i.e. their home
   Linksys router), they usually don't want to or can't.
   
=> I believe you assume far too much about the power of the IETF.
The only useful thing that IETF can (should!) do is to define
a good NAT traversal mechanism. To make its support mandatory is
only annoying for implementors, this doesn't make it more available
on the market...

   I realize there are lots of other ways for IPSEC to be employed, but
   remote network access is certainly a key area that is hurting because
   of this.  I strongly recommend a MUST for NAT-T.
   
=> reread RFC 2119.

Regards

Francis.Dupont@enst-bretagne.fr
[prev in list] [next in list] [prev in thread] [next in thread]