8 Jul
2005
8 Jul
'05
5:20 p.m.
Fred Baker wrote: [snip]
A NAT, in that context, is a stateful firewall that changes the addresses, which means that the end station cannot use IPSEC to ensure that it is still talking with the same system on the outside. [snip]
No, you can't use AH, but yes, you can use IPsec through NAT. See RFC3947 and RFC3948. But it is not pretty. -- Crist J. Clark crist.clark@globalstar.com Globalstar Communications (408) 933-4387