Re: [IPsec] Question regarding security considerations with NAT-T scenario in IKEv2

2009-07-30 Thread Raj Singh
Hi Tero, On Thu, Jul 30, 2009 at 2:16 PM, Tero Kivinen wrote: > Raj Singh writes: > > 1. Initiator is behind N(P)AT and float the port to (4500, 4500) > > > > and send IKE_AUTH with source port 4500 now N(P)AT changes source port > > as 1024 but there is a man-in-the-middle who changes the por

[IPsec] Question regarding security considerations with NAT-T scenario in IKEv2

2009-07-30 Thread Tero Kivinen
Raj Singh writes: > 1. Initiator is behind N(P)AT and float the port to (4500, 4500) > > and send IKE_AUTH with source port 4500 now N(P)AT changes source port > as 1024 but there is a man-in-the-middle who changes the port to other > host behind N(P)AT's port say 1025, still IKE_AUTH packet is a

[IPsec] Question regarding security considerations with NAT-T scenario in IKEv2

2009-07-29 Thread Raj Singh
Hi Group, I have a question regarding security considerations with NAT-T scenario in IKEv2. According to ikev2-bis-04, section 2.23 --- There are cases where a NAT box decides to remove mappings that are still alive (for examp