[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Non-IP type Client IDs



Scott,

RFC 2401 embodies the notion that one can use a non-address ID type as a
selector in the SPD search. If the user ID is found in thge SPD, then one
creates a temporary SPD entry populated with IP addresses that have been
dynamically assigned, e.g., in the remote user scenario.  The document
notes, near the top of page 19, the requirement to support user names for
INBOUND SA creation in security gateways, motivated by this scenario.

Steve


References: