29 Oct
2003
29 Oct
'03
2:55 p.m.
On Wed, 29 Oct 2003, Avleen Vig wrote:
Indeed, and IPSec tunnels are frequently done between routers on networks, rather than individual hosts on networks (at least in most multi-site enterprises i've seen).
The most common use of VPN links is the roadwarrior. IPSEC in this context is broken badly by NAT. Even when the extensive hackery required to workaround NAT is enabled, it still can not work in the case where two roadwarriors are behind a single address connecting to the same VPN gateway.