The other solution Maarten alluded to is NAT-T which is a UDP encapsulation of the entire IPSec packet. GTA's firewalls current do not support this feature. We would like to however there are a few patent infringment issue being tossed about with regard to NAT-T. The IETF was in the process of making NAT-T a standard but these patent infringment issues have stop things for the time being. Some vendors that have support for NAT-T most likely are violating the patents.
Paul, I'm not sure I understand the above. If someone's using a VPN client to tunnel
out from behind a gnatbox, what needs to be supported by the gnatbox? It just has
to do NAT correctly, no? I didn't think the gnatbox in Matt's scenario is participating
in the VPN except insofar as behing the NATing firewall he's behind. Or am I missing
something?
------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
