[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NAT traversal and refreshes

To: ipsec@lists.tislabs.com
Subject: NAT traversal and refreshes
From: David Wierbowski <wierbows@us.ibm.com>
Date: Thu, 12 Feb 2004 12:26:38 -0500
Sender: owner-ipsec@lists.tislabs.com





I have a question about the "Negotiation of NAT-Traversal in IKE" draft.
Should the NAT vendor ID, NAT-D payloads, and NAT-OA payloads documented in
draft-ietf-ipsec-nat-t-ike-07 be exchanged during refreshes of a phase 1
and phase 2 SAs or should they only be exchanged in the initial negotiation
of a phase 1/2 SA?  It seems as if once you've detected a NAT in the
initial negotiation there's not much value in checking if it is still there
on a refresh. Thanks in advance for your help.

Dave Wierbowski

z/OS Comm Server Development

Follow-Ups:
- NAT traversal and refreshes
  - From: Tero Kivinen <kivinen@iki.fi>

Prev by Date: Length of checksum in IKEv2 encrypted payload?
Next by Date: Re: NAT traversal and refreshes
Previous by thread: Length of checksum in IKEv2 encrypted payload?
Next by thread: NAT traversal and refreshes
Index(es):
- Date
- Thread