[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ISAKMP Oakley resolution and ipsec doi document questions

>>Let me try to understand. If I implement ISAKMP
>>and not want to use port 500, but say use port 
>>2000, could I use the port field to indicate to the 
>>receiver that the reply must be sent to port 2000
>>(I do not think this is the case, because the first
>>message of main mode exchange does not include
>>ID at all).
>The port in the ID payload is only used for identification and not for
>the ISAKMP protocol.  ISAKMP always uses port 500.  

> I'm not sure I understand how the following statement in the ISAKMP Standard
implies that "ISAKMP always USES port 500".
Implementations MUST include support for ISAKMP using the User Datagram
Protocol (UDP) on port 500.  UDP Port 500 has been assigned to ISAKMP by
the Internet Assigned Numbered Authority (IANA). Implementations MAY
tionally support ISAKMP over other transport protocols or over IP