Re: Tunnel Mode and Auditable Events



>I have two questions:
>1) Why is it necessary for an SA involving a Security Gateway to be in
>Tunnel Mode?
>
>2) What are auditable events (how are they defined?)?
>
>Regards

SAs terminating at SGs must be in tunnel mode, if they are for 
transit traffic, because otherwise we could have problems when a set 
of hosts (e.g., a campus network) is served by multiple SGs (i.e., 
multihomed).

Throughout the RFCs (2401, 2402, 2406) we define what should be 
audited; those are auditable events.

Steve