On Fri, Jan 08, 2010 at 04:53:25PM -0500, Scott C Moonen wrote: > Dan, I think the intent of that text was to read "non-UDP encapsulated" as > "non-UDP encapsulated [ESP]". I.e., it is not saying you should support > both UDP-encapsulation and vanilla UDP on port 4500; it is saying that you > should support UDP encapsulation for an ESP tunnel even if a NAT was not > detected for that tunnel.
ESP isn't a tunnelling protocol... ;) You meant an ESP SA, right? OTOH, what is an ESP clarification doing in IKEv2? > So it might be good to reword it to clarify, Yes, it definitely would be! Anyone else who's an actual document editor agree with Scott and me? Dan _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
