Re: [IPsec] Just three more issues for IKEv2bis

2010-02-18 Thread Raj Singh
Hi Yoav, On Fri, Feb 19, 2010 at 3:22 AM, Yoav Nir wrote: > Hi all. > > There are only three issues this time, because this is the last batch. > > Issue #173 - Trigger packets should not be required > === > In a few places in the new section 2.23.1

Re: [IPsec] IKE6 Negitaion when Peer Address ND not yet started.

2010-02-18 Thread Syed Ajim Hussain
Hi Yoav Nir & all group members. Thanks for your quick response. I think, instead of the user taking special care by adding an extra rule to allow unencrypted ND traffic (unicast), there should be some RFC guidelines, such that the IPsec/IKE protocol itself can take care. It will be problem in

[IPsec] Just three more issues for IKEv2bis

2010-02-18 Thread Yoav Nir
Hi all. There are only three issues this time, because this is the last batch. Issue #173 - Trigger packets should not be required === In a few places in the new section 2.23.1 in IKEv2bis, it says that one must have a trigger packet when starting

[IPsec] RFC 5739 on IPv6 Configuration in Internet Key Exchange Protocol Version 2 (IKEv2)

2010-02-18 Thread rfc-editor
A new Request for Comments is now available in online RFC libraries. RFC 5739 Title: IPv6 Configuration in Internet Key Exchange Protocol Version 2 (IKEv2) Author: P. Eronen, J. Laganier, C. Madson Status

Re: [IPsec] IKEv2 Diffie-Hellman Elliptic curve mess (RFC4753, RFC5114, RFC4869, and draft-solinas-rfc4753bis-01)

2010-02-18 Thread Jerome A. Solinas
Tero Kivinen wrote: Jerome A. Solinas writes: We would recommend keeping the same numbers (19, 20, 21) since it appears that all existing implementations have made the correction. Not true. So at least a couple of vendors are still doing the x-and-y implementation. Nevertheless,

Re: [IPsec] information about choosing hash/crypt for different services

2010-02-18 Thread Yoav Nir
Hi Rahul. I don’t have a link, but common sense says that there are four things to consider when choosing algorithms: - required strength - for example DES is only 56 bits. - compliance - certain industries have regulations specifying which algorithms to use. - performance - of all the accept

[IPsec] information about choosing hash/crypt for different services

2010-02-18 Thread rahul bharadhwaj
Hi All, I need to create IPsec rules for services like telnet, ftp, print, icmp, http etc. separately, as part of my learning. Could anyone let me know on what basis hashing (md5, sha1, xcbc) and encryption (des, 3des, aes128/192/256) techniques can be chosen for each type of service? Please p

Re: [IPsec] IKE6 Negitaion when Peer Address ND not yet started.

2010-02-18 Thread Yoav Nir
Hi, Syed Ajim. In future please expand acronyms, because while it's safe to assume that anyone reading this list knows what an SA is, not all of us are proficient in IPv6 terminology. Having said that, policies usually have exceptions for protocols, that need to run in the clear. IKE is an exa

[IPsec] IKE6 Negitaion when Peer Address ND not yet started.

2010-02-18 Thread Syed Ajim Hussain
Hi All, IPv6 Peer1 -- IPv6 Peer 2. I have one question for the IKE IPv6 solution. Assume in the IPsec6 policy I have configured Source IPv6 Address and Destination IPv6 Address as traffic selector; now the IPsec SA is not yet established. When IKE triggers, SA Neg