
RE: ISAKMP Oakley resolution and ipsec doi document questions



I am confused. If port is 500 only, why are
we specifying it at all? It looks like this port
has nothing to do with identification. 

Let me try to understand. If I implement ISAKMP
and do not want to use port 500, but say use port 
2000, could I use the port field to indicate to the 
receiver that the reply must be sent to port 2000
(I do not think this is the case, because the first
message of main mode exchange does not include
ID at all).

Baiju

-----Original Message-----
From:	Roy Pereira [SMTP:rpereira@TimeStep.com]
Sent:	Monday, June 16, 1997 7:26 AM
To:	'baiju@ideal.jf.intel.com'; 'ipsec@tis.com'; 'Edward A. Russell'
Subject:	RE: ISAKMP Oakley resolution and ipsec doi document questions

>>
>>2. in the doi document, whose port number is specified in
>>the identification payload? (initiator or receiver?)
>>The protocol ID and port are also in the field marked
>>reserved in the ISAKMP document. Is this intentional?
>>In my view, this should be consistent.
>
>The port is 500 for sending
>The port is 500 for receiving
>The port is 500 ONLY.
>I believe this came out of Memphis.

This change was due to some implementations only accepting ISAKMP
exchanges if both the source and destination ports were 500.
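
Added example, not part of the thread or of any poster's code: a parser for the Identification payload discussed above, using the field layout from the IPsec DOI as later published in RFC 2407 (ID Type, Protocol ID and Port in the four octets after the generic payload header). It applies that document's Phase 1 rule that protocol and port must be 0/0 or UDP/500; the payload bytes and the `build_id_payload` helper are constructed for illustration.

```python
import socket
import struct

ISAKMP_PORT = 500
IPPROTO_UDP = 17
ID_IPV4_ADDR, ID_FQDN = 1, 2  # ID type values from RFC 2407

def parse_id_payload(buf):
    """Parse one Identification payload: generic header plus DOI fields."""
    if len(buf) < 8:
        raise ValueError("truncated ID payload")
    # next payload, reserved, payload length, ID type, protocol ID, port
    next_payload, _rsvd, length, id_type, proto, port = struct.unpack(
        "!BBHBBH", buf[:8])
    if length < 8 or length > len(buf):
        raise ValueError("bad payload length")
    data = buf[8:length]
    if id_type == ID_IPV4_ADDR:
        if len(data) != 4:
            raise ValueError("IPv4 identity must be 4 octets")
        ident = socket.inet_ntoa(data)
    elif id_type == ID_FQDN:
        ident = data.decode("ascii")
    else:
        ident = data.hex()  # other ID types are left undecoded here
    return {"next": next_payload, "id_type": id_type,
            "proto": proto, "port": port, "ident": ident}

def phase1_port_ok(payload):
    """Phase 1 accepts only unset (0/0) or UDP/500 in the ID payload."""
    return (payload["proto"], payload["port"]) in (
        (0, 0), (IPPROTO_UDP, ISAKMP_PORT))

def build_id_payload(id_type, proto, port, data):
    """Hypothetical helper that constructs sample payload bytes."""
    return struct.pack("!BBHBBH", 0, 0, 8 + len(data),
                       id_type, proto, port) + data

if __name__ == "__main__":
    addr = socket.inet_aton("192.0.2.10")  # constructed sample identity
    for port in (500, 2000):               # 2000 is the port asked about above
        p = parse_id_payload(build_id_payload(ID_IPV4_ADDR, IPPROTO_UDP, port, addr))
        print(p["ident"], p["port"], "accept" if phase1_port_ok(p) else "reject")
```
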