Re: Re: Free S/wan over satellite

[Rick Murphy <rmurphy () mitretek org>]

At 11:23 AM 5/30/2002 -0400, Joseph S D Yao wrote:
> But, why can't they play the same games with IPsec ESP packets?  Aren't
> packets just packets?

No - the window size and ACK state are both TCP information. ESP isn't TCP.

You can't mess with the ESP-encapsulated TCP packet because it's encrypted 
and integrity checked.

Basically, IPsec hides the TCP interaction from the outside observer. You 
therefore can't manipulate that interaction to improve the performance.
        -Rick

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards