[support] Nested ipsec
Ben McCarthy
b.mccarthy at lancaster.ac.uk
Fri Sep 4 03:10:02 JST 2009
Hi all,
Has anyone tried running ipsec in a nested NEMO scenario before? We have a
setup here where two MRs with working ipsec configurations can establish
their MR-HA tunnels fine if they connect to an access network AP, but if one
of those MRs roams behind the other and connects to its Ingress interface,
its subsequent BU is not received by the HA. Analysing the interface on the
HA, we can see that the BU arrives, has the ipsec tunnel header added by the
intermediary MR removed, but then the ipsec transport mode encrypted BU is
not then decrypted as it should be (and as it is if we connect directly via
a normal access network connection) and therefore it isn't passed up to the
HA.
Has this been experienced by anyone before?
Cheers,
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ml.nautilus6.org/pipermail/support/attachments/20090903/b23e02e0/attachment.htm
More information about the Support
mailing list