[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP messages

To: ipsec@ans.net
Subject: Re: ICMP messages
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Tue, 13 Feb 96 22:40:06 GMT
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

> From: smb@research.att.com
> Worse yet, if an intermediate route generates the ICMP bounce, there
> won't be enough information in the returned portion of the header to
> tie it to a particular socket.
>
Only if you are using the same Destination+SPI for more than one socket.

In general, this is not a problem for VPNs or mobility, since the tunnel
is between hosts.  It is only a problem for user-user keys, and then
only for those not using automated key management to coordinate the SPIs.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2

Prev by Date: Re: ICMP messages
Next by Date: Re: ICMP messages
Prev by thread: Re: ICMP messages
Next by thread: Re: ICMP messages
Index(es):
- Main
- Thread