AH or ESP
glen.kent at gmail.com
Fri May 22 18:36:43 CDT 2009
Yes, thats what i had meant !
On Fri, May 22, 2009 at 10:46 PM, Christopher Morrow <
morrowc.lists at gmail.com> wrote:
> On Fri, May 22, 2009 at 1:04 PM, Glen Kent <glen.kent at gmail.com> wrote:
> > Hi,
> > It is well known in the community that AH is NAT unfriendly while ESP
> > be filtered, and most firewalls would not let such packets pass. I am NOT
> 'the content of the esp packet can't be filtered in transit' I think
> you mean... right?
> > interested in encrypting the data, but i do want origination
> > (Integrity Protection). Do folks in such cases use AH or ESP-NULL, given
> > that both have some issues?
> > Thanks,
> > Glen
More information about the NANOG