[KLUG Members] IPSEC operation Issues

[Eric Anderson]

*This message was transferred with a trial version of CommuniGate(tm) Pro*
I was just talking to a buddy of mine, who is connecting to his corporate VPN
over an IPSec connection, through a VPN'ing Smoothwall.

I personally haven't done it, but, I'm being told that it's being done.




Adam Williams (awilliam@whitemice.org) wrote*:
>

>>Has anyone experienced any problems when deploying IPSEC in
>>their production environments? We are debating using IPSEC
>>between a Solaris and HPUX system, as the necessary binaries
>>are provided with both. Several firewalls reside between the
>>hosts, but I am not aware of any NAT'ing going on. We would
>>like to use AH and ESP to encrypt the headers and payload. We
>>are also possibly debating using Checkpoint Firewall-1 to
>>provide this functionality. I believe this would be a much
>>more efficient means. Just curious what the gurus on the list
>
>ipSEC is a genuine pain to get through firewalls,  and it *CANNOT* work
>if there is NAT-ing at any point.
>
>But if your client/server support "UDP encapsulation" it should go
>through like it was coated with warm butter.  But not all combinations
>of client & server support that.
>
>--
>----------------------------------------------------------------
>This message undoubtedly processed by the purely benevolent "US
>Department of Homeland Security",  but don't worry... they're
>only goal is to protect life, liberty and the pursuit of property.
>
>_______________________________________________
>Members mailing list
>Members@kalamazoolinux.org
>
>

--
Eric Anderson
LanRx Network Solutions
815-505-6132