[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ISAKMP DOI Question (General, Not IP Specific)
> Date: Wed, 18 Dec 1996 11:51:54 -0500
> From: ho@earth.hpc.org (Hilarie Orman)
> To: weaver@hydra.dra.hmg.gb
> Cc: ipsec@tis.com
> Subject: Re: ISAKMP DOI Question (General, Not IP Specific)
> > > - There can only be one SA between two machines at a given time.
>
> > I suppose this depends on who owns the SA i.e. if the owner of an SA
> > is identified by the IP addr only (and a host only has one IP addr)
> > then IMHO there can be only one pair of unidirectional SAs between any pair of
> > machines.
>
> Why? The SA has an identifier; you can several SA's for the same identities
> without fear of confusion.
>
>
On outbbound calls there is no notion of a SPI. The only information
available to identify an SA is:
Destination Addr
Port number
****************************************************
Elfed T. Weaver
Defence Research Agency
Malvern
UK
weaver@hydra.dra.hmg.gb
Follow-Ups: