[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP over UDP

To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: ESP over UDP
From: Joern Sierwald <joern.sierwald@datafellows.com>
Date: Tue, 10 Aug 1999 16:23:25 +0300
Cc: ipsec@lists.tislabs.com
In-Reply-To: <sjmaerzn5ud.fsf@rcn.ihtfp.org>
References: <Joern Sierwald's message of Tue, 10 Aug 1999 15:42:49 +0300><3.0.5.32.19990810154249.00af8300@smtp.datafellows.com>
Sender: owner-ipsec@lists.tislabs.com

At 09:05 10.8.1999 -0400, you wrote:
>You've got it backwards -- UDP runs over ESP, not the
>other way around.  Although you are correct in saying that
>ISAKMP runs over UDP.  That is true.
>
>The problem is that you are using IP Masquerade.  You will have
>trouble with IPSec across a NAT.  There are a couple of patches
>that exist for Linux to try to get IPSec working across the NAT:
>
>ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html
>
>-derek
>

I need to run IPsec over every available IP masquerading 
implementation in the world, and therefore I have to send
ESP packets as UDP payloads. Trust me, I know what I'm doing. (tm)

Jörn

Follow-Ups:

Re: ESP over UDP

From: Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>

Re: ESP over UDP

From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

References:

ESP over UDP

From: Joern Sierwald <joern.sierwald@datafellows.com>

Re: ESP over UDP

From: Derek Atkins <warlord@MIT.EDU>

Prev by Date: Re: ESP over UDP
Next by Date: Re: ESP over UDP
Prev by thread: Re: ESP over UDP
Next by thread: Re: ESP over UDP
Index(es):
- Main
- Thread