[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKE negotiation/rekeying problem with RSIP
Michael C. Richardson writes:
> I want to emphasis that if you use other-than-port-500 in most
> implementations then you use it for both initiator and responder.
> IKE does *NOT* use the typical "swap src/dst port and reply" method
> that one is used to.
What? I think almost all the implementations are doing exactly that.
At least we are doing it... I might of course be wrong in this case...
--
kivinen@iki.fi Work : +358-9-4354 3218
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
Follow-Ups:
References: