Hi, 

I have 2 doubts regarding IKEv2,

1) If in the IKE_AUTH request message the initiator sends an ID_R
payload (optional) specifying a particular peer identity, and the
responder sends some different identity in the ID_R payload, what
should be the behavior? Should we send an AUTHENTICATION failure
message, or accept this new identity of the peer and mark the SA
established, if the other things are fine?

2) If we were to send an AUTHENTICATION failure, then this should be
sent as an INFORMATIONAL exchange message (as the message received
is a response and not a request). What should be the message ID used?

Regards, 
Prashant



_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
