Hi All, I have a basic doubt with IKEv2, IKE SA rekey with PFS configured. Sorry for the broadcast mail.
I have configured as below IKE proposal DH Group 14 IPSEC Proposal PFS DH Group 2 During INIT EXCHANGE DH Group 14 will be used to calculate KE payload value. and For IPSEC SA's (CHILD SA established as part of CREATE_CHILD_SA EXCHANGE) will use DH 2. and also IPSEC SA REKEY will also use DH2. Now During IKE SA REKEY (CREATE_CHILD_SA EXCHANGE) What DH Group MUST be used? DH14 or DH 2? Thanks Riyaz
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
