RFC 3715 (rfc3715) - Page 1 of 18
IPsec-Network Address Translation (NAT) Compatibility Requirements
Alternative Format: Original Text Document
Network Working Group B. Aboba
Request for Comments: 3715 W. Dixon
Category: Informational Microsoft
March 2004
IPsec-Network Address Translation (NAT) Compatibility Requirements
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
This document describes known incompatibilities between Network
Address Translation (NAT) and IPsec, and describes the requirements
for addressing them. Perhaps the most common use of IPsec is in
providing virtual private networking capabilities. One very popular
use of Virtual Private Networks (VPNs) is to provide telecommuter
access to the corporate Intranet. Today, NATs are widely deployed in
home gateways, as well as in other locations likely to be used by
telecommuters, such as hotels. The result is that IPsec-NAT
incompatibilities have become a major barrier in the deployment of
IPsec in one of its principal uses.
Aboba & Dixon Informational