[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Protection of port 500

To: Pervaiz Rizvi <shoaib21@juno.com>
Subject: Re: Protection of port 500
From: Jason R Thorpe <thorpej@zembu.com>
Date: Mon, 15 Jan 2001 00:37:21 -0800
Cc: ipsec@lists.tislabs.com
In-Reply-To: <20010114.210912.-318249.5.shoaib21@juno.com>; from shoaib21@juno.com on Sun, Jan 14, 2001 at 09:09:12PM -0800
Mail-Followup-To: Jason R Thorpe <thorpej@zembu.com>,Pervaiz Rizvi <shoaib21@juno.com>, ipsec@lists.tislabs.com
Organization: Zembu Labs, Inc.
References: <20010114.210912.-318249.5.shoaib21@juno.com>
Reply-To: thorpej@zembu.com
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mutt/1.2.5i

On Sun, Jan 14, 2001 at 09:09:12PM -0800, Pervaiz Rizvi wrote:

 > Since IPsec uses UDP500 for key exchange,
 > how does it know to ignore configurations
 > that seek to protect udp/500 with IPsec?
 > If this were allowed, presumably the IPsec
 > stack would go into an unterminating recursion.

Presumably the IKE daemon would change the policy for the
communication endpoints it is using.

-- 
        -- Jason R. Thorpe <thorpej@zembu.com>

Follow-Ups:

Re: Protection of port 500

From: Stephen Kent <kent@bbn.com>

References:

Protection of port 500

From: Pervaiz Rizvi <shoaib21@juno.com>

Prev by Date: Protection of port 500
Next by Date: Re: Inbound processing of ESP packet
Prev by thread: Protection of port 500
Next by thread: Re: Protection of port 500
Index(es):
- Main
- Thread