vk4gtw at bigpond.com
Tue Oct 18 21:05:01 CEST 2016
The commonly quoted packet flow diagram at  does not show where NAT-T is implemented for
IPsec MOBIKE. Questions are:
1. Where in the diagram is NAT-T de-capsulation performed?
2. Where in the diagram is NAT-T encapsulation performed?
3. Does the NAT-T UDP header have to be removed so the iptables IPsec policy module can operate?
4. Traffic from the topmost "local process" block flows to a "routing decision" block. Is this to prevent
a local IPsec connection (to loopback address, possibly ) from being encrypted?
More information about the Users