Hi Steve,
For Firewall-a there are to encryption modes,
1. tunneling mode that encrypt the IP header the TCP header and the data and
add a encryption protocol header.
2. in-place modethat encrypt only the payload portion of the packet.
Thus, with tunneling-mode you can make vpn between illegal IP address (the
routers dont'n know the source address). With in-place modeyou can't use
illegal address (you don't change the IP/TCP headers of the pachets)
1.tunneling mode supports all algoriths except FWZ-1
2.in-place mode only supports the FWZ-1 algorithms
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Steve
Sent: martes, 29 de agosto de 2000 16:40
To: [EMAIL PROTECTED]
Subject: [FW1] VPN Between Two Illegal Networks
Hi,
Is it possible to set up a VPN between two illegal internal networks that
routes across the Internet?
Example:
netA -- (le0) FWmachineA (le1) -- internet -- (le1) FWmachineB (le0) -- netB
Where:
netA is an illegal internal network
netB is an illegal internal network
FWmachineA le1 has a valid Class C IP address
FWmachineB le1 has a valid Class C IP address
With an encrypted VPN how does a host on netA route to a host on netB
(without using NAT - not enough class C addresses available)?
Cheers,
-Steve
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
