[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ipsec masqueradin
Title: ipsec masqueradin
Hi
I am implementing an IPsec masquerading service for vxWorks for our product. I had some questions... I would appreciate if somebody could clarify them for me.
- is ISAKMP icookie masquerading acceptable or the remote server has some way of distinguishing icookies coming from the source security gateway / masquerading gateway and will reject if the masquerading gateway changes the icookie value.
- is there a way to distinguish tunnel mode from transport mode just by looking at an ESP packet.
- is there any relation between the ISAKMP icookie and the ESP SPI ( i mean is the value of SPI dependent on the icookie value or is it pretty much a random selection from a range of unused SPIs).
Thanks a lot
-Bik
------------------------------------------------------------------------------------------
Bik Singh 818-575-2518 (Off)
Research Scientist 818-597-1502 (Fax)
Product Development 31355 Agoura Road
Nomadix Westlake Village, CA 91361