[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
routing and outbound.
Hi.
Imagine an IPSEC armed router. As any knows routers
have interfaces. Each interface may be IPSEC enabled or not( Am I
right !!?? ).
Upon arrival of any packet to router which serries
of task must be done on the acket?
1- Inbound , Outbound and then
Routing.
2- Inbound , Routing and then
Outbound.
3- Routing , inbound and then Outbound.
each of these configuration has weaknesses.
a)-in case 1 there is high probability danger of
denial of service for protected subnetwork when at least one of routers
interfaces is IPSEC unarmed.
b)-case 2 has logical flaw. After Outbound process
new packet will be made with new IP header. so this needs routing again.
c)- case 3 means that IPSEC Process must be done
after Routing. this has spoofing danger.
now what configuration is correct or may be I have
a basic missundrestanding.
best regars
mahdavi
Follow-Ups: