Re: [Call-home] Why not IPsec with IKEv2 + NAT-T?
Eliot Lear <lear@cisco.com> Thu, 29 September 2005 16:19 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EL18U-0007Mu-7y; Thu, 29 Sep 2005 12:19:54 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EL18S-0007LE-JN for call-home@megatron.ietf.org; Thu, 29 Sep 2005 12:19:52 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA21014 for <call-home@ietf.org>; Thu, 29 Sep 2005 12:19:49 -0400 (EDT)
Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EL1G8-0006WI-BA for call-home@ietf.org; Thu, 29 Sep 2005 12:27:49 -0400
Received: from sj-core-3.cisco.com ([171.68.223.137]) by sj-iport-5.cisco.com with ESMTP; 29 Sep 2005 09:19:42 -0700
X-IronPort-AV: i="3.97,158,1125903600"; d="scan'208"; a="215809817:sNHT31346508"
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-3.cisco.com (8.12.10/8.12.6) with ESMTP id j8TGJYVt026894; Thu, 29 Sep 2005 09:19:35 -0700 (PDT)
Received: from [212.254.247.4] (ams-clip-vpn-dhcp79.cisco.com [10.61.64.79]) by imail.cisco.com (8.12.11/8.12.10) with ESMTP id j8TGVGEI007144; Thu, 29 Sep 2005 09:31:17 -0700
Message-ID: <433C1418.6060507@cisco.com>
Date: Thu, 29 Sep 2005 18:19:36 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Pekka Nikander <pekka.nikander@nomadiclab.com>
Subject: Re: [Call-home] Why not IPsec with IKEv2 + NAT-T?
References: <433979ED.1000000@cisco.com> <7F8A2E5A-90A9-404E-9247-DBF93FAB367A@nomadiclab.com> <900D9AC5-1AB6-4063-9AEE-C227F94BDBA9@softarmor.com> <B3EF030E-4F05-460E-A6AF-798B0CE4B5F3@nomadiclab.com>
In-Reply-To: <B3EF030E-4F05-460E-A6AF-798B0CE4B5F3@nomadiclab.com>
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
DKIM-Signature: a=rsa-sha1; q=dns; l=361; t=1128011478; x=1128443678; c=nowsp; s=nebraska; h=Subject:From:Date:Content-Type:Content-Transfer-Encoding; d=cisco.com; i=lear@cisco.com; z=Subject:Re=3A=20[Call-home]=20Why=20not=20IPsec=20with=20IKEv2=20+=20NAT-T?| From:Eliot=20Lear=20<lear@cisco.com>| Date:Thu,=2029=20Sep=202005=2018=3A19=3A36=20+0200| Content-Type:text/plain=3B=20charset=3DISO-8859-1| Content-Transfer-Encoding:7bit; b=Zoq4nOBKVwG+uJNM9waq7ymGRpavQfbUYpuS6pXxhnL5tgfmxYCzWNZCoVwZNwXsGE3pgmUn GE1c4+fKD534oYTVjvA0xSlSo+ntxW7gILz4wYA0HfHWjzY87cleD9VFXnKZjdEKU2FycZSR9pm ZJ16yQeORjcZVeUNRmwAzsTk=
Authentication-Results: imail.cisco.com; header.From=lear@cisco.com; dkim=pass ( message from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c
Content-Transfer-Encoding: 7bit
Cc: call-home@ietf.org
X-BeenThere: call-home@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion of issues relating to " call home" functionality and firewall traversal" <call-home.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/call-home>
List-Post: <mailto:call-home@ietf.org>
List-Help: <mailto:call-home-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=subscribe>
Sender: call-home-bounces@ietf.org
Errors-To: call-home-bounces@ietf.org
> The potential benefit is that you don't need to change your application > model that much, and that you may even be able to use current > credentials more easily. Well, define "that much". Somehow one guy needs to know they're managing and that the other guy is available. So the managed device can establish an IPSEC connection to the manager? Now the manager needs to know to manage. How does that occur? How will dispatch occur? Eliot _______________________________________________ Call-home mailing list Call-home@ietf.org https://www1.ietf.org/mailman/listinfo/call-home
- [Call-home] draft now posted; BoF? Eliot Lear
- Re: [Call-home] draft now posted; BoF? Juergen Schoenwaelder
- Re: [Call-home] draft now posted; BoF? Eliot Lear
- RE: [Call-home] draft now posted; BoF? Wijnen, Bert (Bert)
- Re: [Call-home] draft now posted; BoF? Wes Hardaker
- Re: [Call-home] draft now posted; BoF? Wes Hardaker
- Re: [Call-home] draft now posted; BoF? Juergen Schoenwaelder
- Re: [Call-home] draft now posted; BoF? Juergen Schoenwaelder
- Re: [Call-home] draft now posted; BoF? Josh Littlefield
- Re: [Call-home] draft now posted; BoF? David T. Perkins
- Re: [Call-home] draft now posted; BoF? David T. Perkins
- Re: [Call-home] draft now posted; BoF? Juergen Schoenwaelder
- [Call-home] Why not IPsec with IKEv2 + NAT-T? Pekka Nikander
- Re: [Call-home] Why not IPsec with IKEv2 + NAT-T? David T. Perkins
- Re: [Call-home] draft now posted; BoF? Eliot Lear
- Re: [Call-home] Why not IPsec with IKEv2 + NAT-T? Dean Willis
- Re: [Call-home] Why not IPsec with IKEv2 + NAT-T? Pekka Nikander
- Re: [Call-home] Why not IPsec with IKEv2 + NAT-T? Dean Willis
- Re: [Call-home] Why not IPsec with IKEv2 + NAT-T? Eliot Lear
- Re: [Call-home] draft now posted; BoF? Wes Hardaker
- Re: [Call-home] draft now posted; BoF? Juergen Schoenwaelder