From owner-freebsd-questions@FreeBSD.ORG Sun Jan 23 12:47:46 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3244116A4CE for ; Sun, 23 Jan 2005 12:47:46 +0000 (GMT) Received: from top.daemonsecurity.com (FW-182-254.go.retevision.es [62.174.254.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id BE83243D3F for ; Sun, 23 Jan 2005 12:47:45 +0000 (GMT) (envelope-from norgaard@locolomo.org) Received: from [192.168.0.32] (charm.daemonsecurity.com [192.168.0.32]) by top.daemonsecurity.com (Postfix) with ESMTP id 92AD4FD020 for ; Sun, 23 Jan 2005 13:47:44 +0100 (CET) Message-ID: <41F39CE7.7040209@locolomo.org> Date: Sun, 23 Jan 2005 13:47:35 +0100 From: Erik Norgaard User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041114 X-Accept-Language: en, en-us, da, it, es MIME-Version: 1.0 To: FreeBSD Questions Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: IPSec without AH X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Jan 2005 12:47:46 -0000 Hi, Due to the problems of IPSec with NAT I was thinking if it is posible to setup IPSec without Authenticated Headers? Does anyone know of a howto? My postulate is that since data is encrypted, this should provide the same security as SSL/TLS - or better as _all_ protocols are encapsulated - or did I miss something? Thanks, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2