* Multiple IPSec sessions
@ 2004-01-14 0:19 mukesh Kumar
2004-01-17 13:44 ` Antony Stone
0 siblings, 1 reply; 2+ messages in thread
From: mukesh Kumar @ 2004-01-14 0:19 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 301 bytes --]
Hi All,
I am trying to extend conntrack/NAT to allow multiple IPsec(ESP)
tunnels to pass through.
The purpose is to allow multiple lan clients to have sessions with the
same server.
Can someone suggest some designs for doing something like this .Any
help is greatly appreciated.
Mukesh
[-- Attachment #2: Type: text/html, Size: 1811 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Multiple IPSec sessions
2004-01-14 0:19 Multiple IPSec sessions mukesh Kumar
@ 2004-01-17 13:44 ` Antony Stone
0 siblings, 0 replies; 2+ messages in thread
From: Antony Stone @ 2004-01-17 13:44 UTC (permalink / raw)
To: netfilter
On Wednesday 14 January 2004 12:19 am, mukesh Kumar wrote:
> Hi All,
>
> I am trying to extend conntrack/NAT to allow multiple IPsec(ESP)
> tunnels to pass through.
I'm not sure I understand why you need to "extend" it.
> The purpose is to allow multiple lan clients to have sessions with the
> same server.
This is possible anyway. Standard connection tracking distinguishes
independent connections by source & destination IP address (and also source &
destination port in the case of TCP / UDP), therefore so long as at least one
of the addresses involved in each connection is unique you should have no
problem supporting mutliple sessions. You say you wish multiple clients to
access one server - the clients will all have different IP addresses,
therefore they will be treated as independent connections.
Regards,
Antony
--
Anyone that's normal doesn't really achieve much.
- Mark Blair, Australian rocket engineer
Please reply to the list;
please don't CC me.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-01-17 13:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-01-14 0:19 Multiple IPSec sessions mukesh Kumar
2004-01-17 13:44 ` Antony Stone
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.