[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: a simple question, I hope. Why do we need tunnel mode?
<199804091658.JAA11472@server.livingston.com>
Message-ID: <Roam.SIMCSD.2.0.4.892150956.32378.pcalhoun@hsmpka>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Sender: owner-ipsec@portal.ex.tis.com
Precedence: bulk
>
> My thinking similar.
>
> IP-in-IP mode of transport is a solution to get around enterprise
> firewall scrutiny. However, IPSec is not limited to this type of
> transport alone. Specifically, L2TP tunnels are equally good candidates
> for IPSec in the remote access realm of security solutions. So, I dont
> see a need to categorize "IP-in-IP Tunnel Mode" as a distinct type of
> security. Transport mode security does cover the Ip-in-IP tunnel mode,
> as a special case.
>
> cheers,
> suresh
>
You may also want to take a look at draft-ietf-mobileip-calhoun-tep-01.txt
which defines Multi-Protocol extensions for Mobile IP. This has the advantage
of being a multi-protocol layer 3 tunnel as opposed to layer 2.
IP-in-IP is already defined in RFC2003.
PatC