Date: Tue, 8 Aug 2000 10:08:03 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
To: Benjamin Gavin <virtual_olympus@yahoo.com>
Cc: freebsd-net@FreeBSD.ORG
Subject: NATD and non-UDP/TCP packets
Message-ID: <200008081408.KAA13542@khavrinen.lcs.mit.edu>
In-Reply-To: <20000808004424.2838.qmail@web312.mail.yahoo.com>
References: <20000808004424.2838.qmail@web312.mail.yahoo.com>

<<On Mon, 7 Aug 2000 17:44:24 -0700 (PDT), Benjamin Gavin <virtual_olympus@yahoo.com> said:

> What are the fundamental differences between ESP/AH and TCP/UDP?  Are
> they inherently more complicated to translate,

They are designed to be cryptographically secure, and hence,
impossible to NAT.  If you want to do NAT, you'll have to terminate
the SAs at the boundary and create an appropriate new set for the
``public'' side.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
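
Added example, not part of the original message: a minimal model of the AH integrity check, showing that the ICV covers the IPv4 source address, so a NAT rewrite fails verification while an ordinary TTL decrement does not. It assumes HMAC-SHA1-96 as the authenticator with mutable fields zeroed as in RFC 2402; the key, addresses, SPI and payload are constructed sample values.

```python
import hashlib, hmac, socket, struct

KEY = b"constructed-demo-sa-key"  # constructed SA key, illustration only

def ipv4_header(src, dst, payload_len, ttl=64, proto=51):
    """20-byte IPv4 header without options; protocol 51 is AH. Checksum left 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def ah_header(spi, seq, icv=b"\x00" * 12, next_hdr=6):
    """AH: next header, length (32-bit words minus 2), reserved, SPI, seq, ICV."""
    return struct.pack("!BBHII", next_hdr, 4, 0, spi, seq) + icv

def icv_input_header(ip):
    """Zero the mutable IPv4 fields before the MAC; addresses stay covered."""
    b = bytearray(ip)
    b[1] = 0                 # TOS
    b[6:8] = b"\x00\x00"     # flags + fragment offset
    b[8] = 0                 # TTL
    b[10:12] = b"\x00\x00"   # header checksum
    return bytes(b)

def compute_icv(ip, spi, seq, payload):
    """HMAC-SHA1 truncated to 96 bits over header, AH (ICV zeroed), payload."""
    data = icv_input_header(ip) + ah_header(spi, seq) + payload
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]

def build_packet(src, dst, spi, seq, payload):
    ip = ipv4_header(src, dst, 24 + len(payload))
    return ip + ah_header(spi, seq, compute_icv(ip, spi, seq, payload)) + payload

def verify(packet):
    """Receiver side: recompute the ICV and compare in constant time."""
    ip, ah, payload = packet[:20], packet[20:44], packet[44:]
    _, _, _, spi, seq = struct.unpack("!BBHII", ah[:12])
    return hmac.compare_digest(ah[12:], compute_icv(ip, spi, seq, payload))

def decrement_ttl(packet):
    """What every router does; TTL is mutable and excluded from the ICV."""
    b = bytearray(packet)
    b[8] -= 1
    return bytes(b)

def nat_rewrite_source(packet, new_src):
    """What a NAT box does: replace the source address at bytes 12..15."""
    return packet[:12] + socket.inet_aton(new_src) + packet[16:]

if __name__ == "__main__":
    pkt = build_packet("10.0.0.5", "203.0.113.9", 0x1000, 1, b"constructed payload")
    print(verify(pkt), verify(decrement_ttl(pkt)),
          verify(nat_rewrite_source(pkt, "198.51.100.1")))
```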