Re: reverse processing order: NAT, IPsec ?

To: Hans Rosenfeld <rosenfeld%grumpf.hope-2000.org@localhost>
Subject: Re: reverse processing order: NAT, IPsec ?
From: Thor Lancelot Simon <tls%rek.tjls.com@localhost>
Date: Fri, 12 Jun 2009 15:19:24 -0400

On Fri, Jun 12, 2009 at 04:36:23PM +0200, Hans Rosenfeld wrote:
> 
> Could you use IPsec in transport mode and use a gif tunnel over that?
> IIRC I read somewhere that this is functionally the same as IPsec tunnel
> mode, and it would allow you to use NAT on the gif interface.

Probably, but you'll have no luck getting it configured how the peer
expects if IKE is in use -- racoon has no idea how to do this.

-- 
Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost
    "Even experienced UNIX users occasionally enter rm *.* at the UNIX
     prompt only to realize too late that they have removed the wrong
     segment of the directory structure." - Microsoft WSS whitepaper

References:
- reverse processing order: NAT, IPsec ?
  - From: Hubert Feyrer
- Re: reverse processing order: NAT, IPsec ?
  - From: Hans Rosenfeld

Prev by Date: Re: reverse processing order: NAT, IPsec ?
Next by Date: Re: reverse processing order: NAT, IPsec ?
Previous by Thread: Re: reverse processing order: NAT, IPsec ?
Next by Thread: Re: reverse processing order: NAT, IPsec ?
Indexes:

Home | Main Index | Thread Index | Old Index