VPN Traversal


Certain security protocols sometimes have trouble traversing NAT on a firewall. NAT is the way a firewall shares a single IP address among multiple machines, allowing a single internet connection to be divided across a network. NAT and proxy servers are the primary ways that an internet connection is shared. In any network situation, this is a needed feature of the firewall; any issues that arise from such a configuration must be dealt with by workarounds or alternative methods of communication.

Traversal may be needed across NAT because of the way the connection is shared. The internet connection presents a single IP address to the web sites contacted by computers on the network. When a secure connection is attempted back to the source machine that initiated the contact, VPN traversal needs to take place, because any verification of that end machine's address will fail: the address the NAT gives the client computer cannot match the IP address reported by the external connection of the firewall.

Traversal is used to create an IPsec tunnel that carries a secure connection through the firewall using the NAT-T port, if the firewall supports that functionality. There is no standardized way to achieve VPN traversal, so there are a few different ways to accomplish it. Most methods involve opening a specific port to traffic. VPN traversal allows IPsec to pass through and create a peer-to-peer connection between two computers, avoiding the confusion caused by the NATed IPv4 addresses. The underlying issues that create the need for VPN traversal cannot be avoided until every single computer can have its own real-world IP address, which is not likely in the near future.
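The address mismatch described above, and why carrying the protected traffic inside UDP on the NAT-T port sidesteps it, shown as an added example that is not part of the original article. It is a simplified model rather than real IPsec: the `Packet` type, HMAC key and addresses are constructed for illustration, and UDP 4500 is assumed as the NAT-T port.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass, replace

KEY = b"constructed-demo-key"  # constructed shared secret, illustration only
NAT_T_PORT = 4500              # assumed: UDP port commonly used for IPsec NAT-T

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    payload: bytes
    icv: bytes = b""

def addr_hash(ip: str, port: int) -> bytes:
    # Endpoint's own view of its address, sent so the peer can spot a NAT.
    return hashlib.sha256(ipaddress.ip_address(ip).packed + port.to_bytes(2, "big")).digest()

def nat_detected(claimed: bytes, seen_ip: str, seen_port: int) -> bool:
    # True when the address the sender believes it has differs from what arrived.
    return not hmac.compare_digest(claimed, addr_hash(seen_ip, seen_port))

def _icv(p: Packet, cover_addresses: bool) -> bytes:
    data = p.payload
    if cover_addresses:  # integrity check also binds the outer IP addresses
        data = ipaddress.ip_address(p.src).packed + ipaddress.ip_address(p.dst).packed + data
    return hmac.new(KEY, data, hashlib.sha256).digest()

def seal(p: Packet, cover_addresses: bool) -> Packet:
    return replace(p, icv=_icv(p, cover_addresses))

def verify(p: Packet, cover_addresses: bool) -> bool:
    return hmac.compare_digest(p.icv, _icv(p, cover_addresses))

def nat_rewrite(p: Packet, public_ip: str, public_port: int) -> Packet:
    # What the firewall does: swap the private source for its own public one.
    return replace(p, src=public_ip, sport=public_port)

def demo() -> dict:
    peer, priv = "203.0.113.10", "192.168.1.20"  # constructed addresses
    direct = nat_rewrite(seal(Packet(priv, 500, peer, b"hello"), True), "198.51.100.7", 40001)
    in_udp = nat_rewrite(seal(Packet(priv, NAT_T_PORT, peer, b"hello"), False), "198.51.100.7", 40002)
    return {"nat_detected": nat_detected(addr_hash(priv, 500), direct.src, direct.sport),
            "address_bound_ok": verify(direct, True),
            "udp_encapsulated_ok": verify(in_udp, False)}
```

`demo()` shows the receiver detecting the NAT, the address-bound check failing after the rewrite, and the UDP-encapsulated packet still verifying because its integrity check covers only the inner payload.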


Source by Bill Jhonson
