FW: [sclug] Firewalls

lug at assursys.co.uk
Sat Oct 25 09:05:31 UTC 2003


On Wed, 15 Jan 2003, Mark Smiles wrote:
> lug at assursys.co.uk wrote:
> >On Wed, 15 Jan 2003, Tom Dawes-Gamble wrote:
> >>Last night I managed to get VPN working from behind my ipcop firewall
> >>to our company intranet.  How ip_masq_ipsec.o enables that is PFM to me.
> >
> >Presumably you're using the Encapsulation Security Payload (ESP) protocol in
> >transport mode to implement your VPN.
> >  
> By this you mean UDP wrapper in a TCP packet?

Nope. ESP is IP protocol 50. It has two modes of operation, transport mode
(with which the IP header is outside ESP protection) and tunnel mode (with
which the IP header is encrypted/authenticated). The IPsec VPN is
established over the ESP "connection" and you send anything you like (TCP,
UDP...) over that.

I'm beginning to get out of my depth with IPsec, so it's probably best that
I shut up here...

> >>Tom.
> >Best Regards,
> >Alex.

Best Regards,
Alex.
-- 
Alex Butcher        Brainbench MVP for Internet Security: www.brainbench.com
Bristol, UK                        Need reliable and secure network systems?
PGP/GnuPG ID:0x271fd950                           <http://www.assursys.com/>
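
Added example (not part of the original message or of any project's code): a small parser showing what a firewall or NAT box can read from an ESP packet compared with a UDP one, following the point above that ESP is IP protocol 50 rather than something carried in TCP or UDP. The function names and the sample packets are constructed for illustration.

```python
import struct

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ESP = 6, 17, 50

def classify(packet: bytes) -> dict:
    """Parse an IPv4 packet and report the fields visible to a middlebox."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto, payload = packet[9], packet[ihl:]  # byte 9 is the protocol number
    info = {
        "proto": proto,
        "src": ".".join(map(str, packet[12:16])),
        "dst": ".".join(map(str, packet[16:20])),
    }
    if proto in (IPPROTO_TCP, IPPROTO_UDP):
        if len(payload) < 4:
            raise ValueError("truncated transport header")
        # TCP and UDP both start with source and destination ports
        info["sport"], info["dport"] = struct.unpack("!HH", payload[:4])
    elif proto == IPPROTO_ESP:
        if len(payload) < 8:
            raise ValueError("truncated ESP header")
        # ESP has no ports: only the SPI and sequence number are in the clear
        info["spi"], info["seq"] = struct.unpack("!II", payload[:8])
        # The rest is protected data. The Next Header field sits in the
        # encrypted ESP trailer, so the inner protocol cannot be read here.
        info["opaque_bytes"] = len(payload) - 8
    return info

def ipv4(proto: int, src: tuple, dst: tuple, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0, not validated)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes(src), bytes(dst))
    return header + payload

# Constructed samples: one ESP packet with 32 bytes of stand-in ciphertext,
# one UDP datagram between the same hosts.
ESP_SAMPLE = ipv4(IPPROTO_ESP, (192, 168, 1, 10), (203, 0, 113, 5),
                  struct.pack("!II", 0x1000ABCD, 1) + bytes(32))
UDP_SAMPLE = ipv4(IPPROTO_UDP, (192, 168, 1, 10), (203, 0, 113, 5),
                  struct.pack("!HHHH", 500, 500, 8, 0))

if __name__ == "__main__":
    for name, pkt in (("ESP", ESP_SAMPLE), ("UDP", UDP_SAMPLE)):
        print(name, classify(pkt))
```

With no port numbers to rewrite, a masquerading gateway has only the addresses and the SPI available to match ESP replies to an inside host.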


