[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: Tunnel Mode and Auditable Events
From:       Stephen Kent <kent () bbn ! com>
Date:       2002-02-20 14:25:54
[Download RAW message or body]

>I have two questions:
>1) Why is it necessary for an SA involiving a Security Gateway to be in
>Tunnel Mode?
>
>2) What are auditable events (how are they defined?)?
>
>Regards

SAs terminating at SGs must be in tunnel mode, if they are for 
transit traffic, because otherwise we could have problems when a set 
of hosts (e.g., a campus network) is served by multiple SGs (i.e., 
multihomed).

Throughout the RFCs (2401, 2402, 2406) we define what should be 
audited; those are auditable events.

Steve
[prev in list] [next in list] [prev in thread] [next in thread]