VoIP
Robert Moskowitz
rgm at ICSA.NET
Wed May 24 12:10:56 EDT 2000
At 04:25 AM 5/24/2000 -0400, David Newman wrote:
> >
> > Morning,
> >
> > David, could you (and anyone) please tell more about the problems
> > with ASN.1
> > strings traveling over VPNs?
> >
> > As far as I understand VPNs should be transparent for the higher level
> > protocols ...
> >
>
>ESP mode encrypts the strings. ASN.1 is even harder to parse when it's
>encrypted. . .
Well, it is NOT ALWAYS a disaster. If routing flows through the VPN, and
addressing is shared on each end, then the VPN IS a transparent tunnel to
the two networks and anything goes.
It is when you have to do firewall type activity and you need the ASN.1
strings to figure out WHAT to do with stupid H.323 that things run amuk.
Your mileage will vary.
Robert Moskowitz
ICSA.net
(248) 968-9809
Fax: (248) 968-2824
rgm at icsa.net
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list