[ednog] IPSec vs SOHO NAT

Frank Sweetser fs at WPI.EDU
Tue Jun 14 10:58:26 EDT 2005

On Tue, Jun 14, 2005 at 09:45:34AM -0500, Julian Y. Koh wrote:
> IPSec in general.  However, the cure-all that works in every case we've
> seen is to use the Cisco IPSec client in NAT mode over TCP as opposed to
> UDP.  It's probably not an approved standard, but it'll cut through
> anything we've ever come across, including weird setups like you find in
> hotels and other public access networks.

Have you ever run into TCP over TCP issues with this?


Frank Sweetser fs at wpi.edu  |  For every problem, there is a solution that
WPI Network Engineer          |  is simple, elegant, and wrong. - HL Mencken
    GPG fingerprint = 6174 1257 129E 0D21 D8D4  E8A3 8E39 29E3 E2E8 8CEC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/ednog/attachments/20050614/8dfce3fd/attachment.bin

More information about the ednog mailing list