Tags: , ,


Forum Replies

  1. Rene,

    Hi. Just to confirm I am reading this correctly for IKE Phase I ISAKMP process it is used to build the secure tunnel for the Phase II, but it and of itself is not securing the information/parameters/valued exchanged under phase I?

  2. Hi Thomas,

    That’s right, when you use main mode you can see that the first 4 messages (with all the parameters) are sent in clear text. Take a look at this wireshark capture:

    IKEv1 main mode

    Rene

  3. Hi Rene,

    Am I right about DH if i say:
    I configured PSK on both sides, then DH use its own (differrent) key to secure the configured PSK and it will do the exchange?
    Thanks

  4. Hello Sims

    Using SIP across a NAT router can be quite complex. The sessions SIP establishes can easily be disrupted or blocked by NAT and can often result in phenomena such as one way voice, no way voice and unsuccessful session initiation.

    There are various solutions and traversal mechanisms available that will solve these issues. A good place to start is RFC6314 by the IETF that provides concrete recommendations for SIP NAT traversal.

    I hope this has been helpful!

    Laz

28 more replies! Ask a question or join the discussion by visiting our Community Forum