Is it possible to extend ones network through an IPSec tunnel? In other words - can the IP addresses of hosts on both ends of the IPSec tunnel be on the same IP network? Scenario: We have a wireless LAN setup and want to put PIX 501's on either end. Hosts -> Pix -> Wireless Bridge <-> Wireless Bridge <- Pix <- Hosts. Right now the hosts are on the same IP network (without Pix in place) . Can I put the Pix in place and make and IPSec tunnel between them without having to change the IP network at the remote site? We are trying to encrypt our traffic with IPSec in addition to WEP.
Would it be possible to use IPSec (ESP in Transport Mode)? This way I'm using the same IP header. Can I just say anytime a packet needs to go thru either PIX - encrypt it and forward to the other PIX? Does this make sense?
You can setup a router at each location and run Datalinkswitching (Dlsw) on these.
Dlsw works between two IP endpoints and is giving you bridge facilities. I have several installations running SNA over IPSec tunnels via Dlsw. The only thing you must be aware off, is that it doesn't work with Dlsw / UDP therefore you have to turn this off in the Dlsw router. (dlsw udp-disable)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...