Yes, thats what i had meant ! On Fri, May 22, 2009 at 10:46 PM, Christopher Morrow < [email protected]> wrote:
> On Fri, May 22, 2009 at 1:04 PM, Glen Kent <[email protected]> wrote: > > Hi, > > > > It is well known in the community that AH is NAT unfriendly while ESP > cannot > > be filtered, and most firewalls would not let such packets pass. I am NOT > > 'the content of the esp packet can't be filtered in transit' I think > you mean... right? > > > interested in encrypting the data, but i do want origination > authentication > > (Integrity Protection). Do folks in such cases use AH or ESP-NULL, given > > that both have some issues? > > > > Thanks, > > Glen > > >
