To:
ipsec@ietf.org
Date:
04/08/2009 04:16 AM
Subject:
[IPsec] IKEv2: Possibility of storing configuration (Cryptographic
Suite) for a certain Peer
Hi everyone,
As to my understanding, in IKEv2 it is not possible to know who the peer
is until IKE_AUTH, by using the ID payload for that peer. Let
Matthew Cini Sarreo writes:
In such a scenario, it might be required to have different D-H groups for
different peers. Due to the ID payload being inexistant at this time, is
there a way (that is allowed) to identify a peer during IKE_SA_INIT (for
example, based on an IP address that has been