At 05:38 PM 4/21/2000 -0400, Keith Moore wrote:
doesn't this require the NAT to use the same inside<->outside address
binding for the connection between the client and the KDC as for
the connection between the client and the application server?
e.g. it seems like the NAT could easily change address bindings
during the lifetime of a ticket.
Yup, so far I have always been able to work around this by opening up an
SSL IMAP connection to remote server to stablize the address while I need
to do other work. Oh the fun games we encounter when mixing security and
NATs :)
Paul