Date: Mon, 7 Aug 2000 17:44:24 -0700 (PDT)
From: Benjamin Gavin <virtual_olympus@yahoo.com>
To: freebsd-net@freebsd.org
Subject: NATD and non-UDP/TCP packets
Message-ID: <20000808004424.2838.qmail@web312.mail.yahoo.com>

Hey all,

I've browsed through the archives and haven't found the answer (although I have found the question) numerous times. What I am trying to do is set up some VPN software which uses the ESP and AH protocols (50/51). Unfortunately natd will not do the translation (as neither are UDP/TCP nor PPTP).

Are there other services available for FreeBSD which will perform these functions, or is there any possibility that these protocols will be included in future NATD versions? What are the fundamental differences between ESP/AH and TCP/UDP? Are they inherently more complicated to translate, or is there some checksum built into the packet which would have to be recalculated upon translation??

The problem (as I see it) is that natd doesn't touch the outgoing packets, so the destination machine tries to reply to the internal address numbers. I can watch the packets with both tcpdump and by logging their denial on the firewall, but is it possible to get these things NAT'd??

Thanks much,
Ben Gavin