[ale] IPSec question
Stephan Uphoff
ups at tree.com
Tue Jul 20 11:18:11 EDT 2004
> Does IPSec work behind firewalls and NAT devices. I want to use it to
> connect to our home office from remote but when I go into datacenters
> 99.9% of the time I get an address that is private and behind a NAT
> Firewall.
No this won't work. (Unless you have control over the NAT device
and can forward a UDP port and a an IP protocol)
However you can layer things.
First go through the firewall using for example PPP over UDP.
( You can do PPP over TCP ... but I don't like layering
retransmission protocols - there are also tons of other tunneling
solutions around)
Configure your tunnel to send probe packets or the NAT device might
decide that your UDP/TCP session is over and delete the mapping.
Then you add IPSEC to your link.
Stephan
More information about the Ale
mailing list