[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: some issues about IPSec
>
> Perhaps at this time someone can also explain to me the benefit of
> classing an SA as either tunnel or transport. I am still a strong
> proponent of the old-style (RFC 1825) formatting which allows the IPsec
> protocol to be more powerful and more generally useful.
>
I really don't see the benefit of transport mode at all from our
perspective. None of our customers require it because we can communicate
securely peer to peer (This is from a VPCOM (our product) perspective).
Also, even going through a third party security gateway, peer to peer can
be done.
>
> I guess I don't see why we should restrict the functionality of an
> implementation based on the implementation method at all. If the
> packets emerging from the _box_ don't give any indication of what method
> was used to encapsulate them, why should we even care?
>
The questions here are what are the beneifits of transport mode that are
not provided in tunnel mode ?
Jeffrey Goodwin
President/CEO Ashley Laurent, Inc. www.osgroup.com
Follow-Ups:
References: