nanog mailing list archives
Re: AH or ESP
From: Glen Kent <glen.kent () gmail com>
Date: Sat, 23 May 2009 05:06:43 +0530
Yes, thats what i had meant ! On Fri, May 22, 2009 at 10:46 PM, Christopher Morrow < morrowc.lists () gmail com> wrote:
On Fri, May 22, 2009 at 1:04 PM, Glen Kent <glen.kent () gmail com> wrote:Hi, It is well known in the community that AH is NAT unfriendly while ESPcannotbe filtered, and most firewalls would not let such packets pass. I am NOT'the content of the esp packet can't be filtered in transit' I think you mean... right?interested in encrypting the data, but i do want originationauthentication(Integrity Protection). Do folks in such cases use AH or ESP-NULL, given that both have some issues? Thanks, Glen
Current thread:
- AH or ESP Glen Kent (May 22)
- Re: AH or ESP Christopher Morrow (May 22)
- Re: AH or ESP Glen Kent (May 22)
- <Possible follow-ups>
- Re: AH or ESP Jack Kohn (May 25)
- Re: AH or ESP Merike Kaeo (May 25)
- Re: AH or ESP Jack Kohn (May 25)
- Re: AH or ESP Glen Kent (May 25)
- Re: AH or ESP Merike Kaeo (May 25)
- Re: AH or ESP Jack Kohn (May 25)
- Re: AH or ESP Merike Kaeo (May 25)
- Re: AH or ESP Randy Bush (May 26)
- RE: AH or ESP Tony Hain (May 26)
- Re: AH or ESP Roland Dobbins (May 26)
- Re: AH or ESP Merike Kaeo (May 25)
- Re: AH or ESP Christopher Morrow (May 22)