[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ID lists in IKE phase 2



Partha Bhattacharya wrote:
> 
> I would like to see lists of ID payloads being negotiated in IKE phase 2. At
> least negotiating multiple networks on two sides seems quite beneficial to
> me in scenarios where there are disparate networks behind a security
> gateway. With the current restriction of 1 ID per phase 2 SA, a large number
> of SAs may be required.
> 
> I would like to know how the wg feels about this: complexity, benefits etc.

I second the motion. I proposed this around a year ago, but it didn't
generate much interest at that time. I remain interested in this
functionality.

Scott


References: