[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2401bis Issue #67 -- IPsec management traffic



 In your previous mail you wrote:

   There is one slight catch, however. There is no SPD entry action to 
   cause delivery of a received message to IKE. So, while your example 
   is appropriate for outbound IKE traffic, I don't think we ever 
   defined a way to express appropriate internal forwarding of inbound 
   IKE traffic.  Any suggestions?
   
=> I agree but I don't believe there is a solution inside IPsec itself:
to enforce the delivery of packets maching a filter to a process/user/...
is a "personal firewall" function only.

Thanks

Francis.Dupont@xxxxxxxxxxxxxxxx