[Mobike] New issue 17: Full connectivity
kent at bbn.com
Tue Sep 7 12:44:44 EDT 2004
At 12:27 PM -0700 9/6/04, Srinivasa Rao Addepalli wrote:
>Umm... I guess it depends on how IPSec is implemented.
>At the originitaing security gateway must know the remote peer IP
>address and uses
>it as Destination IP address.
>On the receiving end, some implementations would only check if the destination
>IP address of the received packet is its local IP address. If so, it
>packet and if not, the packet is forwarded. Some implementation
>might go beyond
>this and might even look for exact match.
If the destination is a security gateway, it must distinguish between
IPsec traffic addressed to it and IPsec (or non-IPsec) traffic
addressed to hosts behind it, and thus potentially bypassed. So, in
that context, it is necessary to pay attention to the destination
More information about the Mobike