[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Phase 1 Lifetime and Lifedata



Raptor, was acquired by Axent, which in turn was acquired by Symantec.  It
is now a Symantec product and appears to have been renamed.

http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=47

Khaja

> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Edward Wilkinson
> Sent: Monday, February 25, 2002 9:52 AM
> To: 'Christian Fanzen'; dfox@quarrytech.com
> Cc: ipsec@lists.tislabs.com
> Subject: RE: Phase 1 Lifetime and Lifedata
>
>
>
> Thanks,
>  I have not encountered the Raptor yet, could you provide some additional
> information on that product. A search of the web finds lots of birds.
>
> Ed
>
> -----Original Message-----
> From: Christian Fanzen [mailto:cfranzenml@atsec.com]
> Sent: Monday, February 25, 2002 1:08 AM
> To: dfox@quarrytech.com; ewilkinson@efficient.com
> Cc: ipsec@lists.tislabs.com
> Subject: RE: Phase 1 Lifetime and Lifedata
>
>
> Hi,
>
> theory and praxis are allways different. In this case lifedata is
> defined by
> the IKE RFC, the theoretical part. But in practice for most
> vendors (Cisco,
> Checkpoint, Raptor, Win2K) the lifedata value MUST be set to
> zero! Otherwise
> the negotiation fails.
> In my opinion this configuration-data-field should be diasabled
> in order to
> not insecure users and admins.
>
> Christian
>
> > -----Original Message-----
> > From: owner-ipsec@lists.tislabs.com
> > [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of dfox@quarrytech.com
> > Sent: Freitag, 22. Februar 2002 00:32
> > To: ewilkinson@efficient.com
> > Cc: ipsec@lists.tislabs.com
> > Subject: RE: Phase 1 Lifetime and Lifedata
> >
> >
> > In the last couple of implementations, that I was involved with
> > testing, we
> > didn't use Lifedata in Phase 1.  The reason for this is that the ISAKMP
> > communications are so small that it didn't make sense.  If it
> was sent to
> > us, we dealt with it appropriately.  We always used Lifetime, however.
> >
> > David
> >
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> > David Fox
> > Quarry Technologies                                dfox@quarrytech.com
> > 8 New England Executive Park                 Direct: 781-359-5094
> > Burlington, Massachusetts  01803            Main: 781-505-8300 x5094
> > www.quarrytech.com                                FAX:   781-505-8316
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> >
> >  -----Original Message-----
> > From: 	Edward Wilkinson [mailto:ewilkinson@efficient.com]
> > Sent:	Thursday, February 21, 2002 5:31 PM
> > To:	Ipsec (E-mail)
> > Subject:	Phase 1 Lifetime and Lifedata
> >
> > When using some of the gateways and clients, I see  an option to set
> > lifedata..  Is this filed valid in phase 1 and if it is how would it be
> > used.
> >