Re: linux-ipsec: IPSec Masquerade

From: Richard Guy Briggs <rgb(at)conscoop.ottawa.on.ca>
Date: Thu Jan 14 1999 - 16:13:20 EST


-----BEGIN PGP SIGNED MESSAGE-----
> > Am I correct in thinking that it is technically possible to masquerade

Agreed.

> In tunnel mode, the ESP encryption hides everything, including the

This would be useful, but as I understand it, someone (HS?) has already looked into this and found that the switch for protocol is only two bits. Bletch!

> In transport mode, while ESP does not protect the addresses in the IP

I hadn't thought of this... The port numbers are very important for masquerading if there is to be more than one host at or behind the masquerading firewall using the protocol.

> That includes the port numbers. Worse, the major transport protocols --

You are correct, thanks for the correction (Actually, I don't think you had seen my post yet.).

> This is, I'm afraid, basically a feature, not a bug. Informally stated,

Agreed, and this is what we have done, with success.

> Henry Spencer

        slainte mhath, RGB
- --

Richard Guy Briggs -- PGP key available                Auto-Free Ottawa! Canada
rgb at conscoop dot ottawa dot on dot ca                <http://flora.org/afo/>
<http://conscoop.ottawa.on.ca/>           FreeS/WAN:<http://flora.org/freeswan>
Please send all spam to root(at)127.0.0.1 Marillion:<http://www.marillion.co.uk>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNp5d7t+sBuIhFagtAQGh+wP/R96ulShf+ab/F2M19BIMUsfcEGjZWza7 0lcRhieXXMNc+oaiy7Nk4Q5CdcMBd0DrEs7ifnxaeFWKdv6bk5UKMIvvYrs3Q1+V APRFtmLy6WF82Ds91lfiX0w0dB8B/DYa8V6vmO2AcpJ545ho553CNEWJTEPo3S6k ZFtR1HVA4y4=
=ilcd
-----END PGP SIGNATURE-----

Received on Thu Jan 14 16:44:33 1999

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:29 EDT

