摘要
IP协议没有采取任何安全措施,本质而言是不安全的,为确保IP层通信安全,制定了IPSEC协议。但却与当今广泛采用的地址转换(NAT)技术不兼容,制约着内网用户之间点对点通信的发展。文中介绍了IPSEC与NAT 2种协议的基本原理,分析两者之间存在矛盾的问题所在,结合UDP封装法实现NAT穿越和地址通告的思想,提出了一种基于中间件的IPSEC穿越NAT的方案。
As the IP protocol has no security measures,it is unsafe in essence.The IPSEC protocol was developed to ensure IP communications security.But it is not compatible with the NAT technology which is widely used today,so the development of peer-to-peer communication is restricted between inner network users.This paper introduces the basic principles of NAT and IPSEC first,analyses the problem of in compatibility between NAT and IPSEC,combines the UDP encapsulation method and IP address notification,finally prop...
出处
《中国海洋大学学报(自然科学版)》
CAS
CSCD
北大核心
2008年第S1期107-110,共4页
Periodical of Ocean University of China