At 6:53 PM +0300 5/13/09, Yoav Nir wrote: >Paul Hoffman wrote: >> >> At 8:56 PM +0800 5/13/09, Hui Deng wrote: >> >Dear IPsec forks, >> > >> >May I consult one question here: >> > >> >Whether we could still do IKEv2 negotiation >> (Authenticaiton), but not >> >use IPsec tunnel? >> >> You never need to use a tunnel, regardless of how it was >> brought up. The tunnel can just sit there, feeling lonely and >> abandoned, waiting for traffic. > >Yes, but you can't rely on the peer not having a policy that says "all tunnels >that are idle for 30 seconds get deleted"
Of course, but that's not what Hui asked. In his scenario, he should assume that the tunnel will get nuked by one side or the other either due to disuse or an active management choice. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
