RE: SA bundle negotiation
Sankar Ramamoorthi <Sankar@vpnet.com> Fri, 15 October 1999 20:03 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id NAA04432; Fri, 15 Oct 1999 13:03:31 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id OAA05541 Fri, 15 Oct 1999 14:11:56 -0400 (EDT)
Message-ID: <D899E9E27BE9D211842200805FA67B431B957A@vpnet.com>
From: Sankar Ramamoorthi <Sankar@vpnet.com>
To: 'David Tannheimer' <dtannhei@nortelnetworks.com>, ipsec@lists.tislabs.com
Subject: RE: SA bundle negotiation
Date: Fri, 15 Oct 1999 11:13:44 -0700
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.0.1461.28)
Content-Type: text/plain; charset="windows-1252"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
It is my understanding that all should be negotiated in tunnel mode. -- sankar -- -----Original Message----- From: David Tannheimer [mailto:dtannhei@nortelnetworks.com] Sent: Friday, October 15, 1999 7:17 AM To: ipsec@lists.tislabs.com Subject: SA bundle negotiation I apologize in advance if this has already been beaten to death on the list. I have a question as to the right way to negotiate encapsulation mode for certain ipsec SA bundles, to ensure interoperability. I've heard various arguments, but I need a larger feedback sampling. To achieve the following encapsulation format, should both the ESP transform payload and the AH transform payload (in the quick mode exchange) specify Tunnel mode, or is ESP in Tunnel mode and AH in Transport mode? ----------------------------------------- | Outer | AH | ESP | Orig | Payload | | IP Hdr | Hdr | Hdr | IP Hdr | | ----------------------------------------- Same idea here. Should IPComp be negotiated as Tunnel mode, with both ESP and AH in Transport mode, or are they all negotiated as Tunnel mode? -------------------------------------------------- | Outer | AH | ESP | IPComp | Orig | Payload | | IP Hdr | Hdr | Hdr | Hdr | IP Hdr | | -------------------------------------------------- Thanks, Dave
- SA bundle negotiation David Tannheimer
- RE: SA bundle negotiation Sankar Ramamoorthi