From: Carter, Lee (Lee.Carter@CommerceBank.com)
Date: Mon Jun 16 2003 - 17:08:52 GMT-3
Robert,
Your security client is using IPSEC with is a layer-3 protocol IP 50/51.
This does not play well is NAT due to the fact that you would need a 1:1
static nat from your pc to the NET. Chances are your Hotel's are using
1:Many Nat or Cisco... PAT. (Port Address Translation). IPSEC will not work
with PAT because it has NO TCP/UDP Port numbers. There are newer version of
NAT Traversal or IPSEC that are starting to use port numbers but that is not
a standard as of yet.
I would suggest looking into "Netilla" it's more or less a terminal server
used over HTTPS and can be integrated with RSA Secure ID for authentication.
Hope this helps.
-----Original Message-----
From: McCallum, Robert [mailto:Robert.McCallum@let-it-be-thus.com]
Sent: Monday, June 16, 2003 2:51 PM
To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail); Comserv
(E-mail); 'security@groupstudy.com'
Subject: Email access over the Internet
Folks,
I have a problem in my work where for some strange reason I cant access my
email over the internet from a hotel. The reason for me not being able to
access email is because, oddly enough, the hotel uses NAT. We use
checkpoint firewalls and I use securemote software. Now I believe its
something to
do with the secure ID token that I use and when I type this in there is some
form of checksum which is checked at the server end. This of course has
changed due to the Nat going on.
has anybody out there experience this as well and know what the simple
solution is. I'm sure there is a simple solution and its just my company
politics which is causing me the problems.
Any help will be much appreciated.
Robert McCallum CCIE #8757
01415663448
07818002241
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:59 GMT-3