Firewalls: Re: SecureRemote Client

Firewalls
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Re: SecureRemote Client
From:	Elmar Haag <haag @ centaur . de>
Date:	Tue, 3 Feb 1998 11:50:43 +0100 (MET)
To:	Woody Weaver <woody @ wiltelnsi . com>
Cc:	Kevin Brown <Kevin . Brown @ NetComm . IE>, firewalls @ GreatCircle . COM
In-reply-to:	<3 . 0 . 5 . 32 . 19980130154340 . 00a30830 @ 199 . 233 . 153 . 153>

On Fri, 30 Jan 1998, Woody Weaver wrote:

> At 12:41 AM 1/30/98 +0000, you wrote:
> >Hi,
> >
> >
> >Will the secure remote client work behind a NAT obx?
> 
> No.  Because the NAT rewrites packet headers, the packet integrity is
> violated and the firewall refuses to decrypt.

Is this sure? Did you try this already or is it only a presumption?


Elmar
> 


> >I AM authenticated though.
> 
> Because for authentication purposes, packet headers don't matter!
> 
> --woody
> 
> 
> Robert Wooddell Weaver         email:  woody .
 weaver @
 wiltelnsi .
 com
> Senior Systems Engineer        voice:  510.358.3972
> Wiltel NSI                     pager:  510.702.4334
> 

----------------------------------------------------------------------
Elmar Haag             CENTAUR COMMUNICATION           Urbanstrasse 68
haag @
 centaur .
 de         Xlink PoP Heilbronn            74074 Heilbronn
http://www.centaur.de   Tel +49 7131 799 258     Fax +49 7131 799 260

Follow-Ups:

Re[2]: SecureRemote Client
From: Satoko Hirakawa <hirakawa @ aandi . co . jp>

Indexed By Date	Previous:	RE: MS Proxy 2.0 and Netscape From: MDCBRS @ maerskdata . dk
Indexed By Date	Next:	Migration Indication From: hassai01 @ cent-directorates . bh . bbc . co . uk (Ivan Hassan)
Indexed By Thread	Previous:	RE: Encryption Domains.... From: Dana Bourgeois <fg @ corp . portal . com>
Indexed By Thread	Next:	Re[2]: SecureRemote Client From: Satoko Hirakawa <hirakawa @ aandi . co . jp>