IPSec is designed to set up security associations for each side of a
connection (inbound and outbound) so it usually requires the firewall to
accept an inbound connection to the host initiating the IPSec connection.
This is problematic for most firewalls but adding NAT just makes the issue
more difficult.
It is pretty much understood that NAT and IPSec are not compatible
technologies.
-- Bill Stackpole, CISSP
|------------------------+------------------------+------------------------|
| | sebastian.schuenemann| |
| | @gauss-interprise.com| � � � � To: |
| | Sent by: | [EMAIL PROTECTED]|
| | firewalls-owner@Lists| net |
| | .GNAC.NET | � � � � cc: |
| | | � � � � Subject: |
| | 03/30/00 05:32 AM | IPSec and NAT |
| | | |
|------------------------+------------------------+------------------------|
Hi,
does anybody know if it's possible to establish VPN Tunnels from IPSec
-Client in the intranet
(VPN-1 SecureClient) with private IP, behind firewall doing NAT, to a
vpn-gateway (
VPN-1) over the internet.
thanks
begin:vcard
n:Sch�nemann;Sebastian
x-mozilla-html:FALSE
url:http://www.gauss-interprise.com
org:Gauss Interprise;Consulting Hamburg
adr:;;Himmelstr. 12-16;Hamburg;;D-22299;Germany
version:2.1
title:Werkstudent
fn:Sebastian Sch�nemann
end:vcard
=?iso-8859-1?Q?Sebastian.Schuenemann.vcf?=
