[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC Security Gateways & NAT
Chris Trobridge wrote:
> This appears to imply that NAT, in general, must be performed before
> encryption. This is at odds with the models that a number of service
> providers are trying to apply. Are there any solutions to these problems?
> Or any papers detailing the sort of problems that occur when mixing NAT with
> IPSEC.
There's some discussion, and links to other things, in the FreeS/WAN docs:
http://www.freeswan.org/freeswan_trees/freeswan-1.9/doc/firewall.html#NAT
A new 1.91 version, slightly expanded, should appear within a few days,
when 1.91 is released.
I'm the author and I think that discussion could stand improvement. If
you find good references on this please either post them here or send
me mail about them.
References: