0

Can IPSEC using AH be used in Transport Mode if a machine is behind NAT firewall? Please help me answer this question.

Arnab
  • 398
  • 1
  • 6
  • 16

1 Answers1

2

Yes, through NAT-Traversal and UDP-Encapsulation, but not easily, and with some important drawbacks.

Reference: http://www.rfc-base.org/txt/rfc-3947.txt

Drawbacks: https://www.rfc-editor.org/rfc/rfc3715#section-2.2

Better use tunnel mode.

Community
  • 1
  • 1
Stephane Martin
  • 1,612
  • 1
  • 17
  • 25