[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Move TS to optional (RE: Don't remove TS from IKEv2)

To: "Rajesh Mohan" <rajesh.mohan@nexsi.com>
Subject: Re: Move TS to optional (RE: Don't remove TS from IKEv2)
From: Dan Harkins <dharkins@tibernian.com>
Date: Mon, 25 Mar 2002 10:59:42 -0800
Cc: "IP Security List" <ipsec@lists.tislabs.com>
In-Reply-To: Your message of "Fri, 22 Mar 2002 18:01:10 PST." <OLEPJEJDFKFHHJDEPBBKCEAECCAA.rajesh.mohan@nexsi.com>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 22 Mar 2002 18:01:10 PST you wrote
> 
> We do not need no-TS feature if IKEv2 can solve all cases. Can we configure
> IKEv2 such that between the same pair of host we have "ESP null for H.323"
> and "ESP for FTP"? If the draft cannot cover this case, then no-TS feature
> will be useful where it is needed.

IKEv2 is not configured to express that, the SPD is. Can you configure the
SPD to express "ESP for FTP" or "ESP null for H.323"? If you can then that
representation in the SPD is passed to IKEv2 when a packet matches that rule
and no SA exists. If you cannot then this is not an IKEv2 issue.

  Dan.

Follow-Ups:
- Re: Move TS to optional (RE: Don't remove TS from IKEv2)
  - From: Henry Spencer <henry@spsystems.net>
- RE: Move TS to optional (RE: Don't remove TS from IKEv2)
  - From: "sankar ramamoorthi" <sankar@nexsi.com>

References:
- RE: Move TS to optional (RE: Don't remove TS from IKEv2)
  - From: "Rajesh Mohan" <rajesh.mohan@nexsi.com>

Prev by Date: RE: Move TS to optional (RE: Don't remove TS from IKEv2)
Next by Date: opportunistic (was RE: Don't remove TS from IKEv2)
Prev by thread: RE: Move TS to optional (RE: Don't remove TS from IKEv2)
Next by thread: Re: Move TS to optional (RE: Don't remove TS from IKEv2)
Index(es):
- Date
- Thread