[Wylug-help] Ethernet Type Codes for IPSEC

Daniel Walker danielwalker at fastmail.fm
Wed Dec 3 08:57:57 GMT 2003


James Holden (Wylug) wrote:
> Jim Jackson wrote:
> | ESP is the IP protocol field. From rfc1700
> |
> |     50     SIPP-ESP    SIPP Encap Security Payload [Steve Deering]
> |
> | 800 is the ethernet protocol field for an IP packet. These are different
> | fields in different parts of a packet.
> |
>
> Yes. That's what I meant. Well I knew what I was on about anyway ;-)
>
> 800 is the ethertype for all IP packets (UDP/TCP/ICMP/whatever). 50 is
> the IP protocol for ESP, with 6 for TCP and 7 for UDP IIRC. Different
> bit of the packet entirely.
>
> You couldn't filter this at layer 2, where bridges operate. You'd need
> to look at the packets at layer 3 (ie: with an IP router).

Thanks for everyone's input on this. It looks like 'Half-Bridge Mode' is
the way to go - it appears the router still does the PPPoE connection
negotiation etc, which I didn't want to have to set up on the firewall,
but passes the IP address onto the firewall via DHCP and passes all
packets unmodified. I'm posting the link because I'm fairly sure most ADSL
non-speedtouch routers are the same chipset.

Dan

Half Bridge Mode
<http://www.adslnation.com/downloads/Configuring%20HalfBridge%20Mode.pdf>
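The thread distinguishes the EtherType field in the Ethernet header from the protocol field in the IP header. The following is an added example, not part of the original messages: it parses both fields from constructed sample frames and shows that an ESP packet and a TCP packet carry the same EtherType and differ only inside the IPv4 header. The function names, MAC addresses and IP addresses are assumptions made for illustration.

```python
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100          # 802.1Q tag precedes the real EtherType
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 50: "ESP"}


def parse_frame(frame: bytes):
    """Return (ethertype, ip_protocol or None) for an Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12                  # skip destination and source MAC addresses
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    offset += 2
    if ethertype == ETHERTYPE_VLAN:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # 2 bytes of tag control information, then the encapsulated EtherType
        (ethertype,) = struct.unpack_from("!H", frame, offset + 2)
        offset += 4
    if ethertype != ETHERTYPE_IPV4:
        return ethertype, None   # not IPv4, so there is no IP protocol field
    if len(frame) < offset + 20:
        raise ValueError("truncated IPv4 header")
    if frame[offset] >> 4 != 4:
        raise ValueError("EtherType says IPv4 but the version nibble is not 4")
    return ethertype, frame[offset + 9]   # protocol is byte 9 of the IPv4 header


def build_frame(ip_protocol: int) -> bytes:
    """Constructed sample: Ethernet II header plus a bare 20-byte IPv4 header."""
    eth = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
           + struct.pack("!H", ETHERTYPE_IPV4))
    # Header checksum is left at 0; this example does not validate it.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, ip_protocol, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip


def describe(frame: bytes) -> str:
    ethertype, proto = parse_frame(frame)
    name = "n/a" if proto is None else IP_PROTOCOLS.get(proto, "other")
    return f"ethertype=0x{ethertype:04x} ip_proto={proto} ({name})"


if __name__ == "__main__":
    for proto in (50, 6):        # ESP and TCP: same EtherType, different protocol
        print(describe(build_frame(proto)))
```

A filter that matches only on the two bytes at offset 12 sees both sample frames as identical; telling ESP apart requires reading into the IP header.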




