Re: traffic encryption

From: Todd H. (comphelp_at_toddh.net)
Date: 08/04/05


Date: 04 Aug 2005 11:50:08 -0500


"Roman Mashak" <mrv@tusur.ru> writes:
> Hello, All!
>
> We are designing network for our client now and considering the opportunity
> of traffic encryption (didn't decide yet: full packet or only tcp/ip level)
> between clients and us. Clients will use "real" addresses (not "grey").
>
> What existing technologies can you recommend to review?

IPSec certainly, and possible OpenSSL warrant a look, depending on
your exact requirements.

There are flavors of IPSec that can traverse modern NAT
implementations just fine. If they didn't I wouldn't be able to work
at all. :-) There was a time when IPSec pass through tunneling wasn't
available on anything but the latest Linux kernels, but those days are
gone.

Best Regards,

-- 
Todd H.
http://www.toddh.net/


Relevant Pages

  • Re: User authentication IPsec
    ... View Output Logs for details ... Ping Diagnosis: ... NAP Client Diagnosis: ... IPsec Service Diagnosis: ...
    (microsoft.public.windows.server.active_directory)
  • RE: Microsoft IPSec via group policy
    ... IPsec could accomplish this. ... Microsoft IPSec via group policy ... Requiring ipsec between a client and a DC via GPO is problematic. ...
    (Security-Basics)
  • re: Microsoft IPSec
    ... My original intention for enabling IPsec was the prevent users from ... Microsoft IPSec via group policy ... Requiring ipsec between a client and a DC via GPO is problematic. ...
    (Security-Basics)
  • Re: User authentication IPsec
    ... View Output Logs for details ... Ping Diagnosis: ... NAP Client Diagnosis: ... IPsec Service Diagnosis: ...
    (microsoft.public.windows.server.active_directory)
  • RE: IPSEC VPN connection from client in SBS 2003 premium
    ... the IPSec protocol cannot pass through ISA if IPSec ... pass-through would not work in firewall client method. ... VPN scenario, between the remote client and the VPN gateway, all VPN ...
    (microsoft.public.windows.server.sbs)