[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: revised IPsec processing model
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Mark,
I'm doing my best to try to understand, but email is a difficult medium
for conveying complex ideas, so please bear with me while I try to sort
this out. Given the following picture
~ +---------------+
~ | | +------+
~ [host a]------|[if0] [if1]|_____________| |
~ | | | |_____________| SGW2 |---[host b]
~ |[spd0] [spd1]| tunnel | |
~ +---------------+ +------+
I think you're saying that you want the policy rule causing traffic
from host a to host b to be tunneled to live in spd0 instead of spd1. Is
this right?
Scott
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org
iD8DBQE/KonXMtIdhO0pgN4RAnA/AJ4iDlbPPLEHVCl5WFfyfzSfKV1TfgCfQ6IF
Pf/TcgOJIZbCPNGciio093E=
=g14L
-----END PGP SIGNATURE-----