On 11/7/11 10:19 PM, "Michael Richardson" <m...@sandelman.ca> wrote:
> >>>>>> "Yoav" == Yoav Nir <y...@checkpoint.com> writes: > Yoav> I don't see how DNS figures into this. We have three > Yoav> gateways: - hub-gw, which knows the protected domains of > Yoav> everyone - spoke32, which protects 192.168.32.0/24, knows > Yoav> about hub-gw, and sends all 192.168.0.0/16 to hub-gw. - > Yoav> spoke79, which protects 192.168.79.0/24, knows about hub-gw, > Yoav> and sends all 192.168.0.0/16 to hub-gw > >Yes. And, how is this policy communicated? Over IKE? Using a new protocol that we'll invent? SOAP? As an attribute in a certificate, kind of like SIDR? _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec