North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: [arin-announce] IPv4 Address Space (fwd)

  • From: Kuhtz, Christian
  • Date: Wed Oct 29 10:22:37 2003

Seems several commercial clients (such as Cisco's VPN client) offer
workaround for that (tunneling IPSEC in a TCP session).  Works great.

> -----Original Message-----
> From: Greg Maxwell [mailto:[email protected]] 
> Sent: Wednesday, October 29, 2003 9:56 AM
> To: Avleen Vig
> Cc: Simon Lockhart; Dave Howe; Email List: nanog
> Subject: Re: [arin-announce] IPv4 Address Space (fwd)
> 
> 
> 
> On Wed, 29 Oct 2003, Avleen Vig wrote:
> 
> > Indeed, and IPSec tunnels are frequently done between routers on 
> > networks, rather than individual hosts on networks (at 
> least in most 
> > multi-site enterprises i've seen).
> 
> The most common use of VPN links is the roadwarrior.
> IPSEC in this context is broken badly by NAT. Even when the 
> extensive hackery required to workaround NAT is enabled, it 
> still can not work in the case where two roadwarriors are 
> behind a single address connecting to the same VPN gateway.
> 
> 
> 


*****
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material.  Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited.  If you received
this in error, please contact the sender and delete the material from all
computers.60"