
Re: VS: IP tunnel over a NAT (IP masq) possible ?




> Hello Florian!

> We have studied the NAT problem and developed a solution for it. We have
> applied for a patent for this solution, which is called FireSeal. With FireSeal
> the firewall isn't required to decrypt the packets.  Nevertheless the
> traffic can be fully controlled - dynamically.

> The FireSeal system consists of two main components. The Client component
> works as a part of the IPSec - or any other security application, inside the
> company network boundaries, whereas the server component is attached to the
> firewall. The process of controlling secured network traffic can be divided
> into three steps:

[.....]


This sounds great but has one fatal flaw: As you read in my initial
posting, I do _not_ have any control over the NAT (firewall). For my
purposes it's just a black box that does IP masq. Nothing more.  So
everything sounds great, but it just doesn't work for my case. 

> Yours sincerely, Pekka Turunen


Thanks anyway,

Florian

P.S: Right now I'm trying to get PPP over SSH running even though I don't
particularly enjoy the idea: Imagine I do it on a laptop, I move
somewhere when I use PPP for dialup. I will end up with something like 
SSH (for logging in the servers) over  PPP (IP route)  over SSH (the
tunnel) over PPP (the local dialup). No comment here. 

Sick as it sounds, as soon as I manage PPP over SSH I will look
into IPsec related mechanisms to do that and cut some
overhead. Thanks to all who sent the VPN-minihowto URL.

