RE: IPSEC Security Gateways & NAT
"Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com> Thu, 07 June 2001 17:28 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.9.3/8.9.3) with ESMTP id KAA29595; Thu, 7 Jun 2001 10:28:49 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id MAA23127 Thu, 7 Jun 2001 12:38:08 -0400 (EDT)
Reply-To: andrew.krywaniuk@alcatel.com
From: Andrew Krywaniuk <andrew.krywaniuk@alcatel.com>
To: "'Steven M. Bellovin'" <smb@research.att.com>
Cc: ipsec@lists.tislabs.com
Subject: RE: IPSEC Security Gateways & NAT
Date: Thu, 07 Jun 2001 12:08:40 -0400
Message-Id: <000601c0ef6c$38071ab0$1e72788a@andrewk3.ca.newbridge.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4
In-Reply-To: <20010607131627.C99717B84@berkshire.research.att.com>
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
On the contrary, from what I have seen there is a consensus for ESPoUDP. At least 6 vendors are planning to implement this approach, and we are anxiously awaiting the release of the new merged NAT traversal document. Andrew ------------------------------------------- Upon closer inspection, I saw that the line dividing black from white was in fact a shade of grey. As I drew nearer still, the grey area grew larger. And then I was enlightened. > -----Original Message----- > From: owner-ipsec@lists.tislabs.com > [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Steven M. Bellovin > Sent: Thursday, June 07, 2001 9:16 AM > To: Joern Sierwald > Cc: ipsec@lists.tislabs.com; Chris Trobridge > Subject: Re: IPSEC Security Gateways & NAT > > > In message > <3.0.5.32.20010607143550.047a3380@smtp.datafellows.com>, Joern Sierw > ald writes: > > >> > > > >The consensus among IPsec vendors is ESPoUDP. You use tunnel mode, > >and insert a UDP header in front of the ESP header. This is > dead simple > >and works with normal NAT boxes. > > > > I don't know that I'd use the word "consensus" -- and I would > note that > that SSH has claimed assorted patent rights to the concept, > at least as > explained in draft-stenberg-ipsec-nat-traversal-*.txt. > > > --Steve Bellovin, http://www.research.att.com/~smb > > >
- IPSEC Security Gateways & NAT Chris Trobridge
- Re: IPSEC Security Gateways & NAT Joern Sierwald
- Re: IPSEC Security Gateways & NAT Steven M. Bellovin
- RE: IPSEC Security Gateways & NAT Chris Trobridge
- Re: IPSEC Security Gateways & NAT Pyda Srisuresh
- Re: IPSEC Security Gateways & NAT Sandy Harris
- Re: IPSEC Security Gateways & NAT Ari Huttunen
- RE: IPSEC Security Gateways & NAT Andrew Krywaniuk
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Scott G. Kelly
- RE: IPSEC Security Gateways & NAT Chen, David
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT jshukla
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chris Trobridge
- Re: IPSEC Security Gateways & NAT jshukla
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Riley, Susie
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- RE: IPSEC Security Gateways & NAT Riley, Susie
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- RE: IPSEC Security Gateways & NAT Chris Trobridge
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT jshukla
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT sankar ramamoorthi
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Dan Harkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Hilarie Orman
- RE: IPSEC Security Gateways & NAT (3 issues) Andrew Krywaniuk
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT Hugo Krawczyk
- Re: IPSEC Security Gateways & NAT Hugo Krawczyk
- RE: IPSEC Security Gateways & NAT (3 issues) Hugo Krawczyk
- RE: IPSEC Security Gateways & NAT sankar ramamoorthi
- RE: IPSEC Security Gateways & NAT (3 issues) Andrew Krywaniuk
- Re: IPSEC Security Gateways & NAT Dan Harkins
- Fwd: Re: IPSEC Security Gateways & NAT Hilarie Orman
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Dan Harkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Ricky Charlet
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT sankar ramamoorthi
- RE: IPSEC Security Gateways & NAT Andrew Krywaniuk
- Re: IPSEC Security Gateways & NAT Dan Harkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT Dan Harkins
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT jshukla
- RE: IPSEC Security Gateways & NAT Chen, David
- Re: IPSEC Security Gateways & NAT jshukla
- Re: IPSEC Security Gateways & NAT Hugo Krawczyk
- Re: IPSEC Security Gateways & NAT Ari Huttunen
- Re: IPSEC Security Gateways & NAT Bill Sommerfeld
- RE: IPSEC Security Gateways & NAT Andrew Krywaniuk
- Re: IPSEC Security Gateways & NAT Hilarie Orman
- Re: IPSEC Security Gateways & NAT Derek Atkins
- Re: IPSEC Security Gateways & NAT Hilarie Orman
- Re: IPSEC Security Gateways & NAT Bill Sommerfeld
- RE: IPSEC Security Gateways & NAT Chen, David
- RE: IPSEC Security Gateways & NAT Aronson, David
- RE: IPSEC Security Gateways & NAT Chen, David