IPsec-Network Address Translation (NAT) Compatibility Requirements", RFC 3715
نویسنده
چکیده
This document describes known incompatibilities between Network Address Translation (NAT) and IPsec, and describes the requirements for addressing them. Perhaps the most common use of IPsec is in providing virtual private networking capabilities. One very popular use of Virtual Private Networks (VPNs) is to provide telecommuter access to the corporate Intranet. Today, NATs are widely deployed in home gateways, as well as in other locations likely to be used by telecommuters, such as hotels. The result is that IPsec-NAT incompatibilities have become a major barrier in the deployment of IPsec in one of its principal uses. Aboba & Dixon Informational [Page 1] RFC 3715 IPsec-NAT Compatibility Requirements March 2004 Table of
منابع مشابه
IPSec over Heterogeneous IPv4 and IPv6 Networks: ISSUES AND IMPLEMENTATION
In the face of looming IPv4 address exhaustion and the slow pace of IPv4 to IPv6 migration, this work deploys the IPv4/IPv6 translation gateway as a mechanism to ensure most of IPv6 mission critical applications to continuously interoperate with legacy IPv4 nodes. However, the existence of translation gateway between two IPSec nodes from disparate address realms imposes some incompatibility iss...
متن کاملRFC 3947 Negotiation of NAT - Traversal in the IKE
Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes how to d...
متن کاملBasic Host Identity Protocol (HIP) Extensions for Traversal of Network Address Translators
This document specifies extensions to the Host Identity Protocol (HIP) to facilitate Network Address Translator (NAT) traversal. The extensions are based on the use of the Interactive Connectivity Establishment (ICE) methodology to discover a working path between two end-hosts, and on standard techniques for encapsulating Encapsulating Security Payload (ESP) packets within the User Datagram Pro...
متن کاملRfc 4787 Nat Udp
This document defines basic terminology for describing different types of Network Address Translation (NAT) behavior when handling Unicast UDP and also defines a set of requirements that would allow many applications, such as multimedia communications or online gaming, to work consistently. Developing NATs that meet this set of requirements will greatly increase the likelihood that these applic...
متن کاملNAT Traversal Capability and Keep-Alive Functionality with IPSec in IKEv2 Implementation
Since IPv4 Private Networks are behind NAT (Network Address Translation) devices. So, to bypass the Binding Update and Binding Acknowledgment by NAT, we need to encapsulate it in UDP (User datagram Protocol) Packets. Hence, the Dual Stack Mobile IPv6 should support NAT Traversal and Detection. So for proper securing and fully functionality of NAT traversal, it should be IP Security Protected. P...
متن کامل