RESEARCH ON IPSEC-BASED NAT-PT TRANSITION MECHANISM
Similar to conventional NAT technology, NAT-PT gateways break traditional TCP/IPs end-to-end argument property which result in IPSec can not be applied in NAT-PT environment, and would fall flat when the pool of IPv4 addresses is exhausted. A solution by adding IP transform message, modifying the address mapping tables and session tables, using port transform strategy with inner host computer character in IKE negotiation was proposed which implemented bidirectional communication among the nodes of IPv4 and IPv6, and made NAT-PT compatible with ESP and AH. Performance analysis shows that the proposed scheme is feasible and effective.
IPSec NAT-PT Transition Mechanism IKE negotiation
Weiping Peng Yajian Zhou Cong Wang Yixian Yang
Key Laboratory of network and information attack & defence technology of MOE,Beijing University of P Key Laboratory of network and information attack & defence technology of MOE,Beijing University of P
国际会议
北京
英文
222-226
2009-11-06(万方平台首次上网日期,不代表论文的发表时间)