home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,348 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 2,182 of 2,348   
   Stephen J. Bevan to Paul D.Smith   
   Re: Correct response to Aggressive Node    
   19 Sep 07 01:12:03   
   
   From: stephen@dino.dnsalias.com   
      
   "Paul D.Smith"  writes:   
   > Thanks for your answer.  Does this mean that there is no fall back from   
   > Aggressive to Main mode possible?   
      
   There is no concept of a fall back from Aggressive to Main in   
   IKE/ISAKMP.  The closest you can get to that is having the responder   
   configured to accept both modes.  How that is configured is   
   implementation dependent.   
      
      
   >  I hadn't appreciated that the initial offer could contain both.   
      
   Sorry, I got them the wrong way around (that's what I get for posting   
   early in the morning): as noted above it is the responder that can be   
   configured with both aggressive and main mode.  The initiator can only   
   offer one, at least within a single negotiation.  In theory the   
   initiator can offer both in the sense that it can try one (say   
   aggressive) and if it doesn't negotiate within some configurable limit   
   try the other.  However, I'm not aware of such a client.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca