Hi Andrew, > The example in: > > 3.1. Discovery of TCP Transport Support for IKEv2 > > has: > > Initiator switches to TCP:4500 for IKE_INTERMEDIATE / > IKE_AUTH / subsequent IKEv2 exchanges > > When opening the new TCP connection, does the initiator include the > IKETCP prefix; like it would if it started with TCP for IKE_SA_INIT?
Yes. Similar situation can happen with RFC 9329 and MOBIKE - you can switch to TCP in the middle of IKE communications and you always start it with IKETCP prefix (see Appendix B.4in RFC 9329). > (I'm pretty sure the answer is yes, it's just that all the text says > is "the initiator MUST switch to TCP port 4500 for subsequent > exchanges") We can add a clarification that IKETCP prefix is always included. Regards, Valery. > Andrew > > _______________________________________________ > IPsec mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
