[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSec over GRE why ?
Lars,
Lars Eggert <larse@ISI.EDU> writes:
> On 2/25/2003 1:01 PM, Derek Atkins wrote:
> > Tunneling GRE within IPsec would work, but I would only suggest it if
> > you are trying to tunnel non-IP packets. If you're just trying to
> > tunnel IP packets, then just use IPsec's tunnel-mode and be done with
> > it.
>
> Not if existing dynamic routing protocols are required inside the
> virtual topology. See draft-touch-ipsec. (Details in my earlier reply.)
The requirement to run dynamic routing protocols was NOT the question
asked. Please re-read Shelton's question before commenting on my
answer. Quoting my answer out of context and applying alternate
requirements is both rude and unhelpful.
In particular, he asked:
> imagine that I have a GRE tunnel to a remote clinic; further suppose I
> need the traffic to be IPSec b/c of HIPPA regs. Should I have more
> accurately asked for IPSec in GRE, as opposed to GRE w/in IPSec?
I see nothing in here about dynamic routing protocols. Do you?
> Lars
-derek
PS: I see no earlier reply in this thread. What is the subject and
messageID of your earlier reply?
--
Derek Atkins
Computer and Internet Security Consultant
derek@ihtfp.com www.ihtfp.com