[Openswan Users] NAT Traversal and transport mode security issues
agascond at able.es
agascond at able.es
Fri Apr 2 00:43:18 CEST 2004
Hi,
I have just setup a gateway with Openswan 2.1.1 with NAT-T support and also have enabled NAT-T Transport Mode so WinXP clients can access using the Microsoft VPN Client.
Ok. I have all working but I'm quite worried about the security issues related with NAT-T and IPSec transport mode which is mandatory if you use the MS client.
I have found some info about an attacker could redirect packects, spoof protected LAN hosts and so, but I am not sure what these issues are and if I should use this configuration. Anybody could explain what are these security issues?
Thanks a lot,
Antonio
More information about the Users
mailing list