Vijay Devarapalli writes:
> 7. Handling Redirect Loops
>
>The client could end up getting redirected multiple times in a
>sequence, either because of wrong configuration or a DoS attack. The
>client could even end up in a loop with two or more gateways
>redirecting the client to
Raj Singh writes:
> 1. Initiator is behind N(P)AT and float the port to (4500, 4500)
>
> and send IKE_AUTH with source port 4500 now N(P)AT changes source port
> as 1024 but there is a man-in-the-middle who changes the port to other
> host behind N(P)AT's port say 1025, still IKE_AUTH packet is a
Vijar Devarapalli wrote:
>Hi Yoav,
>
>On 7/29/09 9:13 PM, "Yoav Nir" wrote:
>
>> Hi Vijay.
>>
>> "default" is usually associated with a particular implementation or
>> product. I think it would be better to say "suggested value" rather
>> than "default value".
>
> "default value" is the right te
Hi Tero,
On Thu, Jul 30, 2009 at 2:16 PM, Tero Kivinen wrote:
> Raj Singh writes:
> > 1. Initiator is behind N(P)AT and float the port to (4500, 4500)
> >
> > and send IKE_AUTH with source port 4500 now N(P)AT changes source port
> > as 1024 but there is a man-in-the-middle who changes the por
On 7/30/09 1:36 AM, "Tero Kivinen" wrote:
> Vijay Devarapalli writes:
>> 7. Handling Redirect Loops
>>
>>The client could end up getting redirected multiple times in a
>>sequence, either because of wrong configuration or a DoS attack. The
>>client could even end up in a loop with t
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions Working
Group of the IETF.
Title : Redirect Mechanism for IKEv2
Author(s) : V. Devarapalli, K. Weniger
F