Re: Section 2.3: Endpoint-to-Gateway P2P VPN
Yoav Nir <ynir <at> checkpoint.com>
2012-05-22 06:16:36 GMT
Hi Vishwas
Especially for clients, routing doesn't always help. A lot of those corporate networks use non-routable
IP addresses. Of course you can use routing protocols once the client has connected to a gateway, but
routing protocols don't help you choose the right gateway to reach 192.168.5.82.
Even with routable addresses, routing tables and routing protocols pretty much give you only the next hop
at layer 3. They don't help you find the next VPN hop - an IKE/IPsec endpoint.
It is possible to connect to some (maybe pre-configured) gateway, and then run (modified?) routing
protocols over the tunnel and learn about more gateways through them. But this is getting deeply into the
solution space.
Yoav
On May 22, 2012, at 3:14 AM, Vishwas Manral wrote:
> Hi folks,
>
> I have been trying to understand the use case for End-point to Gateway use case as written in the current draft.
>
> Finding the closest gateway seems to be rightly a routing or ALTO (Application Level Transport Optimization) problem, rather than an IPsec one. Am I missing the point altogether?
>
> Thanks,
> Vishwas