[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IDs clarification
Yes.
cheers,
suresh
>
> Hi ,
>
>
> we need some help in the scenerio...
>
>
> (N1) (N2)
> H1|----------|sg1|---------------|sg2|------------|H2
> ->| ESP tunnel |<-
>
> In this scenario I want to negotiate an IPSEC SA from <H1 to H2>
> H1 is a host with in the trusted network of SG1 (N1).
> H2 is a host woth in the trusted network of SG2(N2)
> Between SG1 and SG2 it is ESP tunnel.
>
> We have some confusion regarding the ID payload information in phase 1 and
> 2. The understanding we have is the following :
>
> In phase 1 we send the IP address of SG1 as IDii (assuming H1 is the
> initiator and hence SG1) and IP address of SG2 as IDir. In phase 2, we
> send the actual source and destination - IP addresses of H1 and H2 (or
> perhaps other ID types corresponding to entities on H1 and H2) as IDci and
> IDcr respectively.
>
> Is this understanding correct?
>
>
> -thanks in advance
> -ramana
>
> * Ramana Yarlagadda
> * Rendezvous On Chip Pvt Ltd.
> * NewVasaviNagar, Kharkhana,
> * SECUNDERABAD - 500015.
> * INDIA
> * Tele Phone : (040) 7742606, 7740406
> * Email : ramana@trinc.com
> * http://www.trinc.com
> ******************************************************************
>
References: