[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Phase 1 Lifetime and Lifedata
Raptor, was acquired by Axent, which in turn was acquired by Symantec. It
is now a Symantec product and appears to have been renamed.
http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=47
Khaja
> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Edward Wilkinson
> Sent: Monday, February 25, 2002 9:52 AM
> To: 'Christian Fanzen'; dfox@quarrytech.com
> Cc: ipsec@lists.tislabs.com
> Subject: RE: Phase 1 Lifetime and Lifedata
>
>
>
> Thanks,
> I have not encountered the Raptor yet, could you provide some additional
> information on that product. A search of the web finds lots of birds.
>
> Ed
>
> -----Original Message-----
> From: Christian Fanzen [mailto:cfranzenml@atsec.com]
> Sent: Monday, February 25, 2002 1:08 AM
> To: dfox@quarrytech.com; ewilkinson@efficient.com
> Cc: ipsec@lists.tislabs.com
> Subject: RE: Phase 1 Lifetime and Lifedata
>
>
> Hi,
>
> theory and praxis are allways different. In this case lifedata is
> defined by
> the IKE RFC, the theoretical part. But in practice for most
> vendors (Cisco,
> Checkpoint, Raptor, Win2K) the lifedata value MUST be set to
> zero! Otherwise
> the negotiation fails.
> In my opinion this configuration-data-field should be diasabled
> in order to
> not insecure users and admins.
>
> Christian
>
> > -----Original Message-----
> > From: owner-ipsec@lists.tislabs.com
> > [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of dfox@quarrytech.com
> > Sent: Freitag, 22. Februar 2002 00:32
> > To: ewilkinson@efficient.com
> > Cc: ipsec@lists.tislabs.com
> > Subject: RE: Phase 1 Lifetime and Lifedata
> >
> >
> > In the last couple of implementations, that I was involved with
> > testing, we
> > didn't use Lifedata in Phase 1. The reason for this is that the ISAKMP
> > communications are so small that it didn't make sense. If it
> was sent to
> > us, we dealt with it appropriately. We always used Lifetime, however.
> >
> > David
> >
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> > David Fox
> > Quarry Technologies dfox@quarrytech.com
> > 8 New England Executive Park Direct: 781-359-5094
> > Burlington, Massachusetts 01803 Main: 781-505-8300 x5094
> > www.quarrytech.com FAX: 781-505-8316
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> >
> > -----Original Message-----
> > From: Edward Wilkinson [mailto:ewilkinson@efficient.com]
> > Sent: Thursday, February 21, 2002 5:31 PM
> > To: Ipsec (E-mail)
> > Subject: Phase 1 Lifetime and Lifedata
> >
> > When using some of the gateways and clients, I see an option to set
> > lifedata.. Is this filed valid in phase 1 and if it is how would it be
> > used.
> >