[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPSec SA DELETE in "dangling" implementation

To: ipsec <ipsec@lists.tislabs.com>
Subject: IPSec SA DELETE in "dangling" implementation
From: Slava Kavsan <bkavsan@ire-ma.com>
Date: Tue, 30 Nov 1999 11:45:33 -0500
Sender: owner-ipsec@lists.tislabs.com

Here is the dilemma: if "dangling" implementation wants to send IPSec SA
DELETE message, while the "parent" IKE SA is no longer there (expired or
deleted), the alternatives are (and I do not like either of them):

a) do not send DELETE
b) re-negotiate IKE SA before sending DELETE

Any suggestions?

Follow-Ups:

Re: IPSec SA DELETE in "dangling" implementation

From: "Scott G. Kelly" <skelly@redcreek.com>

Re: IPSec SA DELETE in "dangling" implementation

From: "Derrell D. Piper" <ddp@network-alchemy.com>

Prev by Date: Re: ISAKMP Configuration Method
Next by Date: Re: ISAKMP Configuration Method
Prev by thread: General discussion
Next by thread: Re: IPSec SA DELETE in "dangling" implementation
Index(es):
- Main
- Thread