[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 2401 section 5.2.1

To: "jshukla" <jshukla@trlokom.com>
Subject: Re: RFC 2401 section 5.2.1
From: itojun@iijlab.net
Date: Sat, 25 Nov 2000 10:05:26 +0900
cc: "Francis Dupont" <Francis.Dupont@enst-bretagne.fr>, "Henry Spencer" <henry@spsystems.net>, ipsec@lists.tislabs.com
In-reply-to: jshukla's message of Fri, 24 Nov 2000 13:00:26 PST. <001601c05659$93249460$79b12304@ffb5b>
Sender: owner-ipsec@lists.tislabs.com

>Transport mode does not solve the end-to-end security problem.
>In fact, either mode of IPSec cannot traverse NAT and is not
>capable of providing end-to-end security. One exception is the
>LAN configuration where you do not have to deal with NAT. There,
>one can use the transport mode for end-to-end security. A whole
>lot of work has been done to address this problem, e.g. RSIP,
>UDP encapsulation etc.

	say a long goodbye to NAT, use IPv6.

itojun

References:

Re: RFC 2401 section 5.2.1

From: "jshukla" <jshukla@trlokom.com>

Prev by Date: Re: RFC 2401 section 5.2.1
Next by Date: Re: RFC 2401 section 5.2.1
Prev by thread: Re: RFC 2401 section 5.2.1
Next by thread: Re: RFC 2401 section 5.2.1
Index(es):
- Main
- Thread