Bart asked,
> Does someone know why these IPsec SAs are unidirectional? Usually the
> RFC describes some reasoning behind certain design decisions. However, I
> can't seem to find a justification other than "It's by design". On the
> Internet however, I read that the two SA
On 2/15/20 1:17 PM, Bart Hermans wrote:
Does someone know why these IPsec SAs are unidirectional?
My take on it:
* IP, on which IPSec is directly built, is not a bidirectional protocol.
It is unidirection and fire-and-forget. There's no assumption made
that the source address specified
em to put
> my finger on. From what I know is that the phase 1 ISAKMP Security
> Association (SA) is unidirectional. This tunnel is then used to setup
> two unidirectional tunnels (https://tools.ietf.org/html/rfc4301 Section
> 4.1.).
>
> Does someone know why these IPsec SAs
) is unidirectional. This tunnel is then used to setup
two unidirectional tunnels (https://tools.ietf.org/html/rfc4301 Section
4.1.).
Does someone know why these IPsec SAs are unidirectional? Usually the
RFC describes some reasoning behind certain design decisions. However, I
can't seem to find
4 matches
Mail list logo
