|
|
| Nuno Cristelo 2003-07-26, 2:24 pm |
| Hi,
I have one question:
May NAT cause VPN connection failures?
When using public ip addresses there is no connection failure when using
VPN.
Otherwise when using translated addresses (NAT) no connection can be
stablished.
Any hints or tips?
Best regards,
Nuno Cristelo
| |
| Armin Kask 2003-07-26, 3:24 pm |
| What is doing the nat and what is the vpn gateway?
"Nuno Cristelo" <cristelo@ipp.pt> wrote in message
news:s8zUa.33$tf.51251@newsserver.ip.pt...
> Hi,
>
> I have one question:
>
> May NAT cause VPN connection failures?
>
> When using public ip addresses there is no connection failure when using
> VPN.
>
> Otherwise when using translated addresses (NAT) no connection can be
> stablished.
>
> Any hints or tips?
>
> Best regards,
>
> Nuno Cristelo
>
>
| |
|
| Sure can cause failures if Authenticated Header is required. NAT over UDP
or TCP can fix this.
JC
--
"Nuno Cristelo" <cristelo@ipp.pt> wrote in message
news:s8zUa.33$tf.51251@newsserver.ip.pt...
> Hi,
>
> I have one question:
>
> May NAT cause VPN connection failures?
>
> When using public ip addresses there is no connection failure when using
> VPN.
>
> Otherwise when using translated addresses (NAT) no connection can be
> stablished.
>
> Any hints or tips?
>
> Best regards,
>
> Nuno Cristelo
>
>
| |
|
| I'm sorry... IPSEC over UDP or TCP.
JC
--
"JC" <blah@blah.net> wrote in message
news:3f22f940$0$74105$a04e5680
@nnrp.fuse.net...
> Sure can cause failures if Authenticated Header is required. NAT over UDP
> or TCP can fix this.
>
> JC
>
> --
>
> "Nuno Cristelo" <cristelo@ipp.pt> wrote in message
> news:s8zUa.33$tf.51251@newsserver.ip.pt...
> > Hi,
> >
> > I have one question:
> >
> > May NAT cause VPN connection failures?
> >
> > When using public ip addresses there is no connection failure when
using
> > VPN.
> >
> > Otherwise when using translated addresses (NAT) no connection can be
> > stablished.
> >
> > Any hints or tips?
> >
> > Best regards,
> >
> > Nuno Cristelo
> >
> >
>
>
| |
| JasonW 2003-07-27, 1:25 am |
| A Microsoft book covering L2TP says that IPSEC encryption can't pass through
any device that performs NAT, and that PPTP has to be used instead. The same
blurb also says that they intend to fix this by using UDP encapsulation in
the future. That is all I could find on the topic.
-JasonW
"JC" <blah@blah.net> wrote in message
news:3f23337d$0$73636$a0465688
@nnrp.fuse.net...
> I'm sorry... IPSEC over UDP or TCP.
>
> JC
>
> --
>
> "JC" <blah@blah.net> wrote in message
> news:3f22f940$0$74105$a04e5680
@nnrp.fuse.net...
> > Sure can cause failures if Authenticated Header is required. NAT over
UDP
> > or TCP can fix this.
> >
> > JC
> >
> > --
> >
> > "Nuno Cristelo" <cristelo@ipp.pt> wrote in message
> > news:s8zUa.33$tf.51251@newsserver.ip.pt...
> > > Hi,
> > >
> > > I have one question:
> > >
> > > May NAT cause VPN connection failures?
> > >
> > > When using public ip addresses there is no connection failure when
> using
> > > VPN.
> > >
> > > Otherwise when using translated addresses (NAT) no connection can be
> > > stablished.
> > >
> > > Any hints or tips?
> > >
> > > Best regards,
> > >
> > > Nuno Cristelo
> > >
> > >
> >
> >
>
>
| |
| Simon Chang 2003-07-27, 10:25 pm |
| IPSec operating in tunnel mode first encrypts the entire packet, and then
encapsulates the encrypted packet as payload for a new packet generated.
Microsoft's solution - "using UDP encapsulation" - is in essence the tunnel
mode. UDP port 10000 is the default for IPSec packets. (You can switch to
TCP 10000 if you like; it only marginally increases reliability.)
SC
"Nuno Cristelo" <cristelo@ipp.pt> wrote in message
news:s8zUa.33$tf.51251@newsserver.ip.pt...
> Hi,
>
> I have one question:
>
> May NAT cause VPN connection failures?
>
> When using public ip addresses there is no connection failure when using
> VPN.
>
> Otherwise when using translated addresses (NAT) no connection can be
> stablished.
>
> Any hints or tips?
>
> Best regards,
>
> Nuno Cristelo
>
>
|
|
|
|