interface
... host with
an IPsec tunnel mode interface include the need to obtain an IPv4
address and other configuration parameters appropriate to the class ...
... 5] is required, this can be
supported on an IPsec tunnel mode interface as it would be on
any other interface.
...
... connectivity and the host Internet interface is appropriately
configured. The mechanisms for configuration of the remote host's
...
... remote host in this application would
use two addresses: 1) an interface to connect to the Internet
(Internet ...
... Internet and
intranet interfaces are used in the outer and inner headers of the
IPsec tunnel mode ...
... remote host's
intranet interface obtains an IP address as well as other
configuration parameters ...
... are not described in this document. The mechanisms described here
work best when the VPN is implemented using a virtual interface.
...
... The events begin with the remote host intranet interface generating a
DHCPDISCOVER message. Details are described below:
...
... Hardware address type. Set to value 31,
signifying an IPsec tunnel mode virtual interface.
hlen 1 Hardware address length
...
... DHCPACK by server.
giaddr 4 Security gateway interface IPv4 address, used in
booting via a relay agent ...
...
The htype value is set to the value 31, signifying a virtual IPsec
tunnel mode interface, in order to enable the DHCP server to
differentiate VPN ...
...
a. If one or more LAN interfaces are available, the hlen and chaddr
fields SHOULD be determined from the active LAN ...
... fields SHOULD be determined from the active LAN interface with the
lowest interface number. If no active ...
... interface number. If no active LAN interface is available,
then the parameters SHOULD be determined from the LAN interface ...
... interface is available,
then the parameters SHOULD be determined from the LAN interface
with the lowest interface number. This enables the chaddr to be
...
... LAN interface
with the lowest interface number. This enables the chaddr to be
persistent between reboots, as long as the LAN interface ...
... interface number. This enables the chaddr to be
persistent between reboots, as long as the LAN interface hardware
is not removed ...
...
b. If there is no LAN interface, the chaddr field SHOULD be
determined by concatenating x'4000', the IPv4 address of the
...
... determined by concatenating x'4000', the IPv4 address of the
interface supplying network connectivity, and an additional octet.
The x'4000' value indicates a locally administered unicast ...
... not conflict with a globally assigned value.
The additional octet (which MAY represent an interface number)
SHOULD be persistent between reboots, so that the chaddr value
will be persistent across reboots if the assigned IPv4 address ...
... security gateway. Where a LAN
interface is available, the chaddr will be globally unique. When a
non-LAN interface ...
... interface is available, the chaddr will be globally unique. When a
non-LAN interface is available and a unique Internet address is
assigned to the remote host ...
... IP address [22] is assigned to a non-LAN interface,
it will not be globally unique. However, in this case packets will
not be routed back and forth between the remote host ...
... LAN interface. If a non-LAN interface is
used, it may not be persistent across reboots if the assigned IP
address changes.
...
...
b. The machine FQDN concatenated with an interface number. Assuming
that the machine FQDN does not conflict with that of another
...
...
c. The user NAI concatenated with an interface number. Assuming that
the user is only connected to the VPN at one location, this will
...
... Phase 1 SA is established
between the Internet interface and the security gateway. A phase 2
(quick mode ...
... tunnel, then this can be accomplished by inserting the appropriate
interface address in the giaddr field. Alternatively, the security
gateway can utilize the DHCP Relay Agent ...
...
After the Internet interface has received the DHCPOFFER message, it
forwards this to the intranet ...
... DHCPOFFER message, it
forwards this to the intranet interface after IPsec processing. The
intranet ...
... IPsec processing. The
intranet interface then responds by creating a DHCPREQUEST message,
which is tunneled to security gateway ...
... After processing of the DHCPACK, the intranet interface is configured
and the Internet interface ...
