[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Incoming SPD check on packet with no IPsec header?



Cambria, Mike [mailto:mcambria@avaya.com] writes:

 > In section 5.2.1 of RFC2401, should step #3 be performed 
 > (i.e. find incoming
 > policy in the SPD that matches the packet) even if the 
 > packet arrives with
 > no IPsec headers (e.g. nothing to do in steps 1 & 2)?

There may be a policy regarding what to do with packets that have no IPsec
header.

-- 
Dave Aronson, Software Engineer, +1-571-434-2039 V, +1-571-434-2001 F.
Opinions above are MINE, ALL MINE -- but for rent at reasonable rates.
Cryptek Secure Communications, 1501 Moran Rd., Sterling, VA 20166 USA.
SW ENGINEERS, EES: see http://www.cryptek.com and send me your resume.