[index] [text page] [<<start] [<prev] [next>] [last>>]
Page 28: IPSec cons (cont)

Page 28

  
  IPSec cons (cont)
  Harder to provide VPN through firewalls - must tunnel
  UDP port 500 (ISAKMP) for key exchange
  IP Protocol 50 for IPSec ESP
  IP Protocol 51 for IPSec AH
  If the firewall performs NAT or IP Masquerading, firewall kernel patches required.
  Easier to put VPN parallel to firewall, not behind.
  IPSec VPN packets are blocked by many ISPs

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at Real World Linux, 2003.

Presentation created using vim and MagicPoint.