[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SPD Selector (Newbie) Question
Hello,
i am writing on my diploma thesis about VPNs (not in english as you
may guess ;)) and have a question which may someone of you can answer.
If this is not the place to ask such questions i am sorry, but i
couldnīt find a newsgroup for IPSec, if there is another newsgroup or
list that fits better please tell me and i will no longer bother you
=)
In RFC2401 (Security Architecture for the Internet Protocoll) on page
17 it is mentioned that in the SPD there can be used IP-Adresses (and
adress ranges) or Identifiers like names. Now my question: Suppose i
want to use names, how does a security gateway match incoming
IP-packets from the local subnet (which should be sent secured over
the internet to somewhere else) to those names? The hosts will not
send identifiers along with every IP-packet i guess, so how does it
work? If every SPD-entry has to have ip-adresses in addition to the
name, what is the name good for?
hope you can help me
Marco
Follow-Ups: