Comcast & VPN - with NAT Router?]]
Jeremy Fowler
jfowler at westrope.com
Fri Jun 15 20:33:29 CDT 2001
Actually IPSec uses GRE packets which isn't port specific. So most VPN
connections using IPSec cannot go through VPNs unless the VPN is setup to
specifically route GRE packets to the VPN concentrator or the VPN
client/concentrator allows UDP encapsulation like Cisco's 3000 series
Clients/Concentrators.
-Jeremy
-----Original Message-----
From: John Kerbawy [mailto:john at maKintosh.com]
Sent: Friday, June 15, 2001 1:55 PM
To: kclug at kclug.org
Subject: Re: Comcast & VPN - with NAT Router?]]
On Fri, Jun 15, 2001 at 01:46:14PM -0500, Brian Densmore wrote:
> Well, if you are using tunneling and encryption, I don't see how they could
> detect it unless they are decrypting packets.
IPsec VPNs don't use just TCP and UDP. ESP and AH are also used.
(Protocols 50 and 51.) If they sniff for either of those protocols and
find anything, they know IPsec is going on, whether or not they can
read the contents inside, which they can't.
--
John Kerbawy | All are lunatics, but he who can analyze his
john at maKintosh.com | delusions is called a philosopher.
maKintosh.com |
john/EFNet |
More information about the Kclug
mailing list