On Fri, Sep 08, 2006 at 01:32:26AM -0700, Victor Li wrote: > For the IPSEC Security Policy, can I define a security policy for my server > that prefers the clients using IPSec, but also accepts connections from > clients which do not use IPSec? The server needs to accept connections from > any client.
You can't do this right now without something like BTNS being implemented. If you can narrow *which* clients require IPsec (e.g. by IP address or remote port) you can do it that way. > If there is a way to do it on system wide, how can I compose the security > policy entry? If there is a way to do it in per-socket IPSEC, what option > can I use? My server is listening on port 3205. I also need to know whether > the connection from a client is secured by IPSEC or not in my server. Is > there an option that I can get in my server? I don't think we can solve the general problem right now. Sorry, Dan _______________________________________________ networking-discuss mailing list [email protected]
