Zusammenfassung
The talk gives an overview of the ipsec protocol and its use in several setups, pointing out the biggest limitation in using IPSec. IPSec does not work through natting devices, that exist in many common evironments, for example at home using a DSL router, or at hotels or airports, where only natted IP addresses will be assigned. Even some ISP assign private IP addresses to their customers. It will be explained in a technical summary why IPSec does not work in those cases.
The solution for that problem is a UDP encapsulation of the data connection also called NAT-Traversal (NATT). NATT is becoming currently very popular, though not an official standard yet, many IPSec vendors already have products supporting NATT. The main talk covers NATT, what it is, how it works and how it solves the problems.
We will outline on a technical level how several problems have been addressed. Possible network setups, where NATT can be used will be presented. The intended audience should have basic networking skills like IP, protocols, ports and static routing and have a basic understanding what VPN is about.
ワber den Autor
Gert studied computer science in Karlsruhe, prior working for an ISP building up the IP backbone and designing linux based firewall systems on a project basis. Right now he is working for Astaro as a Chief Software Architect and he is responsible for software development as well as analysis of the open-source market in the discovery of new and innovative features and their integration into Astaro's Firewall Product.
His personal intrest are cryptography and especially the IPSec protocol framework.
