[prev in list] [next in list] [prev in thread] [next in thread]
List: sidewinder
Subject: [Sidewinder] IPSEC and Sidewinder
From: sidewinder () adeptech ! com
Date: 2004-12-30 17:09:42
Message-ID: 190DFDD2F99A65469B4B15D3658C0D2BC5A108 () ptc6 ! ponderosatel ! com
[Download RAW message or body]
>
> This question has been asked before on this list, but never
> adequately answered:
>
> Does anyone know when SCC will support IPSec encapsulation for NAT
> traversal *on* the Sidewinder? NAT-T? IPsec over UDP? IPsec over
> TCP?
Ok, here it is as far as I know, when IPSEC to a softremote client is
NATted anywhere along the way Phase I rekeys fail. Period end of story.
NAT kills this process, dead, dead, dead.
> How do VPN clients behind a one-to-many NAT device establish a
> connection to a Sidewinder VPN gateway? How do VPN clients cross
> firewalls which disallow AH and ESP?
One at a time, with the proviso that you do not mind that the connection
will drop when the phase I rekey is scheduled to happen. I would guess
(but do not know if a firewall which disallows AH and ESP kills this,
but I would guess yes).
Dan Sichel
Network Engineer
Ponderosa Telephone
daniels@ponderosatel.com (559) 868-6367
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic