RFC 3715

IPsec-Network Address Translation (NAT) Compatibility Requirements, March 2004

Canonical URL:
https://www.rfc-editor.org/rfc/rfc3715.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Authors:
B. Aboba
W. Dixon
Stream:
IETF
Source:
ipsec (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC3715

Discuss this RFC: Send questions or comments to iesg@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document describes known incompatibilities between Network Address Translation (NAT) and IPsec, and describes the requirements for addressing them. Perhaps the most common use of IPsec is in providing virtual private networking capabilities. One very popular use of Virtual Private Networks (VPNs) is to provide telecommuter access to the corporate Intranet. Today, NATs are widely deployed in home gateways, as well as in other locations likely to be used by telecommuters, such as hotels. The result is that IPsec-NAT incompatibilities have become a major barrier in the deployment of IPsec in one of its principal uses. This memo provides information for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader