123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Business >> View Article

Nat Considerations

Profile Picture
By Author: Shirley Green
Total Articles: 129
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

A PPTP VPN client can be placed behind a Network Address Translation (NAT) server if the NAT server has a PPTP NAT editor. (A NAT editor is a software addition that understands a specific protocol.) Most NAT servers have a CompTIA NAT editor. L2TP/ IPSec clients cannot be placed behind a NAT server unless the VPN client and VPN server understand IPSec NAT Traversal (NAT-T). NAT-T is an IKTF standard-track addi?tion that describes how the IPSec protocol can be used with a NAT server. Windows Server 2003, Microsoft L2TP/IPSec VPN client software, and the L2TP/IPSec NAT-T update for Windows XP and Windows 2000 support NAT-T.
To understand why the VPN client and server must understand NAT-T, you must exam?ine the way that IPSec encrypts the packets and understand how NAT works. Figure 7-5 showed the portion of the IPSec-protected packet that is encrypted—which is just about everything. Not encrypted is the IP address of the source and destination com?puters. When a NAT server receives a packet to forward to the Internet, it replaces the source IP address. This does not cause ...
... a problem for most IP traffic because any responses will be directed to the NAT server and the NAT server can match the response with the original sending computer and forward it. However, within the encrypted IPSec-protected packet are checksums that are calculated when the packet contained the original source IP address. Because NAT cannot decrypt and then re-encrypt the packet with a new A+ Exams, the packet is interpreted by IPSec as being corrupt or modified. This is why an unmodified Windows 2000 computer cannot sup?port an L2TP/IPSec VPN when NAT is part of the equation. Windows Server 2003 solves that problem with NAT-T. NAT-T uses UDP encapsulates of the IPSec packet and allows it to pass through NAT. Internet Key Exchange (IKE) can detect whether NAT-T is present and uses UDP-ESP encapsulation.
Windows Server 2003 supports NAT-T. The following Windows clients, as updated or configured, also support NAT-T. You can use any of the following clients to create a VPN connection using L2TP/IPSec—even if they are behind a NAT server—as long as the VPN server is running Windows Server 2003:
Exam Tip A Windows 2000 server that has been updated with the L2TP/IPSec update can?not become a Routing and Remote Access VPN server. The update is only meant for a client.
IPSec ESP requires per-packet data origination authentication, which provides proof that the data was sent by a specific computer. It also requires data integrity, which is proof that the data did not change in transit. In addition, IPSec ESP pro-vides replay protection, which is protection from an attack that captures and then resends a stream of data.
PPTP does not provide data origination authentication, data integrity, or replay CCNA certification protection.IPSec ESP and PPTP (by using MPPE) provide per-packet data confidentiality (encryption).

Total Views: 300Word Count: 477See All articles From Author

Add Comment

Business Articles

1. Unveiling The Material Characteristics Of Plastic Parts
Author: adam.xu

2. Top 5 Beach View Resorts In Chennai For A Memorable Getaway
Author: greenmeadows resort

3. Relationship Counselling Den Haag Brings The Best Chance To Understand Each Other’s Needs!
Author: Angelika Matthias

4. Web Development Company: Guide For Hiring The Best
Author: Sagar Tech

5. Make A Business Website To Get Started Online
Author: Sagar Tech

6. Elevate Your Software Quality With Agile Advisors: Premier Software Testing Consultancy In Dubai, Uae
Author: kohan

7. Affordable Polyester Pleated Mesh From Top Manufacturers
Author: pavitra

8. Empowering Sustainable Development: Agile Advisors As Your Trusted Leed Certification Consultant In Dubai And Uae
Author: kohan

9. Buy Cats Eye Gemstone Online In Ahmedabad
Author: rishabhjains

10. Why Data Destruction And Sanitisation Are Important
Author: Destruction and Sanitisation

11. Stock Market Update: शेयर बाजार में लगातार चौथे हफ्ते बढ़त: क्या तेजी बरकरार रहेगी? जाने इस हफ्ते किन महत्वपूर्ण पहलुओं पर ध्यान देना चाहिए
Author: M Ratlami

12. Perfect Happy New Year Gift For Your Girlfriend Thoughtful Ideas For 2024
Author: MyFlowerTree

13. China Valmax Valve Co., Ltd
Author: China Valmax Valve Co., Ltd.

14. Mastering Clipping Path In Photoshop: A Guide To Precision Editing
Author: Sam

15. Expert Emergency And Cosmetic Dental Care Services For Families And Individuals In St. Louis
Author: Jessica Williams

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: