[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Phase 2 ID's for different VPN's with different Address Space
My mistake.
I assumed that the host-pair belonging to VPN1 and VPN2 are different.
-- sankar --
-----Original Message-----
From: Daniel Fox [mailto:dfox@ennovatenetworks.com]
Sent: Tuesday, November 02, 1999 6:24 AM
To: Sankar Ramamoorthi
Cc: ipsec@lists.tislabs.com
Subject: Re: Phase 2 ID's for different VPN's with different Address
Space
Sankar,
Thanks for the reply. Comments below.
Sankar Ramamoorthi wrote:
> Would'nt VPNs with operlapping address space cause a problem
> only when the address spaces intersect on both ends?
> If they are just intersecting on one side then the address selectors
> should be able uniquely determine which vpn the phase2 exchange
> belongs to - right?
Yeah, but that's not the problem I'm trying to solve.
>
>
> Also in the diagram shown below, would'nt using identifiers of
> type IP_ADDRESS_RANGE solve the problem.
>
I don't think so. I think they would still overlap, but I must admit I'm
not
sure what you are getting at. Would this solve the general case? If so,
could
you elaborate further? Thanks.