Matthew Cini Sarreo writes:
> In such a scenario, it might be required to have different D-H groups for
> different peers. Due to the ID payload being inexistant at this time, is
> there a way (that is allowed) to identify a peer during IKE_SA_INIT (for
> example, based on an IP address that has be
Date:
04/08/2009 04:16 AM
Subject:
[IPsec] IKEv2: Possibility of "storing" configuration (Cryptographic
Suite) for a certain Peer
Hi everyone,
As to my understanding, in IKEv2 it is not possible to know "who" the peer
is until IKE_AUTH, by using the ID payload for that p
Hi everyone,
As to my understanding, in IKEv2 it is not possible to know "who" the peer
is until IKE_AUTH, by using the ID payload for that peer. Let us say that an
implementation chooses not to use any automatic configuration but decide (by
manual configuration) to accept only a certain Cryptogra