Hi,
Due to the problems of IPSec with NAT I was thinking if it is posible to
setup IPSec without Authenticated Headers? Does anyone know of a howto?
My postulate is that since data is encrypted, this should provide the
same security as SSL/TLS - or better as _all_ protocols are encapsulated
-
On Sun, 23 Jan 2005 13:47:35 +0100, Erik Norgaard [EMAIL PROTECTED] wrote:
Hi,
Due to the problems of IPSec with NAT I was thinking if it is posible to
setup IPSec without Authenticated Headers? Does anyone know of a howto?
My postulate is that since data is encrypted, this should provide
J65nko BSD wrote:
Due to the problems of IPSec with NAT I was thinking if it is posible to
setup IPSec without Authenticated Headers? Does anyone know of a howto?
The AH (Authenticated Header) protocol cannot be used with NAT, NAT
modifies the header of packets, while AH is supposed to protect
On Sun, 23 Jan 2005 14:54:46 +0100, Erik Norgaard [EMAIL PROTECTED] wrote:
J65nko BSD wrote:
Due to the problems of IPSec with NAT I was thinking if it is posible to
setup IPSec without Authenticated Headers? Does anyone know of a howto?
The AH (Authenticated Header) protocol cannot be used
J65nko BSD wrote:
Ofcourse, it requires access to the (public?) keys to create valid
encrypted packets. Hence, if the public key is kept as a shared secret
among the authorized users, one could assume that ESP packets are
authenticated/trusted.
This is my idea, discard AH, rely on ESP and assume