[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Don't remove TS from IKEv2
>
> Michael> It was pointed out the responder can have wider
> TS to do opportunitic sa.
> Michael> The problem of it is it only works for
> client-server case and fails in
> Michael> peer-to-peer case. Even in client-server
> scenario, most likely the server
>
> Have you really tried it?
>
No. But I believe for peer-to-peer (each side can be either initiator or
responder) the proxy-id or TS must be exact matched. am I wrong?
Michael Shieh