On Wed, 17 Jun 2020, Toerless Eckert wrote:
These two choices are somewhat arbitrary, i am sure some vendor not following this draft will later come and complain that he prefers GRE in tunnel mode or IPinIP tunnel or transport mode,
Note that you cannot _require_ transport mode, as the IKEv2 protocol only allows you to _suggest_ transport mode. The peer can reject that suggestion and insist the connection uses tunnel mode. Paul _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
