Hi IPSECME, RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is employed, the receiver SHOULD notify the sender, during SA establishment, if the receiver will not provide anti-replay protection".
I haven't been able to find any mechanism for this in IKEv2 (or IKEv1). Is there a way to do this? Or is this a mismatch between ESP and IKEv2? Thanks, Ben Schwartz
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
