[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] VID for nat traversal
Openswan (and others FreeS/WAN forks) support following VIDs :
md5("draft-ietf-ipsec-nat-t-ike-00")
md5("draft-ietf-ipsec-nat-t-ike-01")
no port floating
NAT-D 130, NAT-OA 131, UDP-Tunnel 61443, UDP-Transport 61443
md5("draft-ietf-ipsec-nat-t-ike-02")
md5("draft-ietf-ipsec-nat-t-ike-02\n") [1]
md5("draft-ietf-ipsec-nat-t-ike-03")
port floating (udp/4500)
NAT-D 130, NAT-OA 131, UDP-Tunnel 61443, UDP-Transport 61443
The code for following drafts (NAT-D 15, NAT-OA 16, UDP-Tunnel 3,
UDP-Transport 4) is in the code but not enabled by default because
we have no official VID to negociate it.
I use md5("Testing NAT-T RFC") to test it but it's not sent during
negociation.
[1]: http://www.sandelman.ottawa.on.ca/ipsec/2002/04/msg00233.html
--
Mathieu Lafon - Arkoon Network Security
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec