[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ike source port (was: issues with IKE that need resolution)



> > > 	Is it ok for the source port for IKE to be something other than
> > > 	port 500?
> > > 
> > > Hopefully it is ok, as this eases ipsec across NAT boxes
> > 
> > Whoa!  Cognitive dissonance!
> > 
> To be clear, the NAT box Gabriel is refering to is a Host NAT server.
> Host NAT server does not perform any address or port translation. 
> Hope this helps.
> 
> cheers,
> suresh

If so, then whence the term "NAT"?  Per RFC 1631 a NAT does address/port
translation. 

--bill


Follow-Ups: References: