IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] IKE Quick Mode ( Phase 2 )

From: Gianluca Scuto (G.Scuto_at_SOLINET.com)
Date: Mon Apr 29 2002 - 18:19:56 CEST

Hallo all,

I'm beginning to implement the IPSec functionality together with IKE
protocol, using IPSec tunnel mode with ESP protocol between two gateways,
but I really need, if possible, some clarifications :

1) After IKE phase 1 ( Main Mode ) , I have already accomplished the
negotiations of encryption, hashing and authentication algorithms, the
public keys and random numbers for D.-H. exchange and the authentication of
the two parties ( It's correct, isn't it ? ). The following Quick Mode
phase 2 is needed only for refreshing keys, isn't it ? To be clear, which
is the scope of Quick Mode phase 2 ? What exactly do I need to send in the
three messages of Quick Mode phase 2 ? Unfortunately the paragraph 5.5 of
rfc 2409 is not so clear for me.

2) What does the ISAKMP header contain ? What exactly are the cookies and
the message ID in it ?

3) When can I start to send IP datagram on my IPSec tunnel ? After phase 1
or phase 2 ?

I really hope someone will find the time to give me some suggestions, thank
you.

Best regards,

Gianluca.

-

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:57 CEST