[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: NAT Traversal
>>>>> "Chinna" == Chinna N R Pellacuru <pcn@cisco.com> writes:
Chinna> And considering the fact that an IPsec SA is identified by
Chinna> the tuple: Destination, Protocol and SPI, the probability of
Chinna> a collision is even lower, and for all practical purposes
Chinna> zero.
But we're talking about NAT. NAT hides addresses behind it and makes
everything look like a single address.
So in the context of NAT (at the other end) you have lots of SAs from
the same address, and of course the protocol is constant (50).
paul