Re: NAT vs. GRE tunnel

["Victor B. Williams" <vbwilliams () essvote net>]

Cisco PIX OS 6.3.1 and Netfilters (IPTables) 1.2.7 and later handle
GRE over NAT just fine.  You can create as many tunnels as your
bandwidth can handle.

Milon Papezik said:
> Hi all,
>
> one of our customers asked me following questions:
>
> Is it possible to pass GRE tunnel throught a many-to-one NAT (hide
> NAT, PAT) ?
> What FW product is capable of processing such conversion
> "transparently"?
>
> I reviewed both RFC 1701 and RFC 2784 and I came to conclusion that it
> is not
> generally possible by definition of GRE tunnel to translate it through
> NAT.
>
> What would be your expert's answer ?
>
>       Thanks in advance for any thoughts,
>       Milon
> --
> mmp () actinet cz
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


"Real men don't even use monitors! I've just got a guy that can draw
real fast."

Victor Williams
Network Architect
Election Systems & Software
http://www.essvote.com
vbwilliams () essvote com
(402) 970-1100

CONFIDENTIALITY NOTICE:
This e-mail transmission and any documents, files or previous e-mail
messages attached to it may contain information that is confidential,
protected by the attorney/client or other privileges, and may
constitute non-public information. It is intended to be conveyed only
to the designated recipient(s) named above. Any unauthorized use,
reproduction, forwarding, distribution or other dissemination of this
transmission is strictly prohibited and may be unlawful. If you are
not an intended recipient of this e-mail transmission, please notify
the sender by return e-mail and permanently delete any record of this
transmission. Your cooperation is appreciated.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards