IPsec experts, In the following diagram, CPE1 has two internet ports, A1 by one service provider, A2 by another service provider. CPE2 also have two ports facing two different internet service providers
Question: can I establish ONE IPsec SA between CPE1 & CPE2? (i.e. between 10.1.1.1 & 10.1.2.1)? But the actual packets sent out from A1 port has to use A1 as Source-Address, and using B1 or other public address as Destination address. Or is it necessary to have one IPsec SA between A1<->B1, one IPsec SA between A1<->B2, one IPsec SA between A2<->B1, and one IPsec SA between A2<->B2? [cid:[email protected]] Thanks, Linda Dunbar
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
