[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPCOMP and IPSEC



IPComp may be added by a security gateway just like IPSec ESP/AH is
added.  It would probably look like this though:

[IP2]
  [ESP spi+replay+iv]
    [IP1]
    [IPCOMP]
      [TCP]
      [data] 
    [ESP padding+next protocol+auth]



> -----Original Message-----
> From: Stephen Waters [mailto:Stephen.Waters@digital.com]
> Sent: Wednesday, May 27, 1998 6:19 PM
> To: ippcp@external.cisco.com; ipsec@tis.com
> Subject: IPCOMP and IPSEC
> 
> 
> 
> Is IPCOMP restricted for use by Hosts (at packet origin), or can it be
> appended by a Security Gateway as part of the process of 
> adding an IPSEC
> tunnel header?
> 
> e.g.
> 
> Original host packet [IP1][TCP][data]
> 
> After passing through a security gateway/IP tunnel:
> 
> [IP2][ESP][IPCOMP][IP1][TCP][data][padding/next protocol][ESP auth]
> 
> 
> If this is supported, is it detailed anywhere?  For example, if an
> Explicit IV is used, would it come after the ESP header or after the
> IPCOMP header?
> 
> 
> 
> 
> 
> Stephen Waters
> DEVON, UK
> 
> National: 01548 551012 / 550474
> International: 44 1548 551012 / 550474
> Stephen.Waters@Digital.com 
> 


Follow-Ups: