define these
extreme case behavior also in RFC,
to make inter-op smooth.
With Regards
Syed Ajim
-Original Message-
From: Yoav Nir [mailto:ynir.i...@gmail.com]
Sent: 2014年5月4日 12:49
To: Syed Ajim Hussain
Cc: ipsec@ietf.org
Subject: Re
Hi All.
Host A --Host B
Assume Host-A Host-B want to established IPSEC Tunnel, First they
established one IKE SA and one IPSEC SA (Child SA).
After that due to addition of a new IPSEC Policy(SPD), Both the sides
triggered one more Child SA creation.
Hi All
I have some doubt about Security of IKEv2 protocol. In the process
Of generating Keys, every parameter is taken from IKE_SA_INIT Messages
Which is un-unencrypted.
If attacker using some tools capturing all the IKE Packets from network,
he can easily generates
it!
-Original Message-
From: Nicolas Williams [mailto:nicolas.willi...@oracle.com]
Sent: Monday, November 22, 2010 11:45 AM
To: Syed Ajim Hussain
Subject: Re: [IPsec] Generating Keying Material for the IKE_SA (IKEv2)
On Mon, Nov 22
Hi All
Many IPSec vendor support Easy VPN Clients, As I want to know , there is
no separate RFC for Easy VPN, How this clients compatible with IPSEC
Easy VPN Server? Easy VPN Client uses Mode-Configuration to get IP-
Address, DNS Server Address, IPSEC proposal information ,
Hi All
IPv6 Peer1 -- IPv6 Peer 2
I have one question, for IKE IPv6 Solution.
Assume in IPsec6 Policy I have configure Source IPv6 Address and
Destination IPv6 Address as Traffic selector, now IPSEC SA is not yet
establish.
When IKE Triggers, SA
, please notify the sender by
phone or email immediately and delete it!
-Original Message-
From: Yoav Nir [mailto:y...@checkpoint.com]
Sent: Thursday, February 18, 2010 2:35 PM
To: 'Syed Ajim Hussain'; ipsec@ietf.org
Hi All
I have some doubt about NAT With IPSEC/IKE ,
Example Take a Topology :
IKE_PEER1 --- NAT1 NAT2 Server---IKE_PEER3
(1.1.1.1) | (1.1.1.10) (2.1.1.1) (2.1.1.2) (3.1.1.1)
|
IKE_PEER2 |
(1.1.1.2)