"DHCPv4 Configuration of IPSEC Tunnel Mode", Baiju Patel, Bernard Aboba, Scott Kelly, Vipul Gupta, 02-Jul-01. (2717 bytes)

In many remote access scenarios, a mechanism for making the remote host appear to be present on the local corporate network is quite useful. This may be accomplished by assigning the host a 'virtual' address from the corporate network, and then tunneling traffic via IPSec from the host's ISP-assigned address to the corporate security gateway. In IPv4, Dynamic Host Configuration Protocol (DHCP) provides for such remote host configuration. This draft explores the requirements for host configuration in IPSec tunnel mode, and describes how DHCPv4 may be leveraged for configuration.

"Requirements for IPsec Remote Access Scenarios", Scott Kelly, Sankar Ramamoorthi, 27-Mar-02. (2222 bytes)

IPsec offers much promise as a secure remote access mechanism. However, there are a significant number of remote access scenarios, each having some shared and some unique requirements. A thorough understanding of these requirements is necessary in order to effectively evaluate the suitability of a specific set of mechanisms for any particular remote access scenario. This document enumerates the requirements for a number of common remote access scenarios.

"PIC, A Pre-IKE Credential Provisioning Protocol", Yaron Sheffer, Hugo Krawczyk, Bernard Aboba, 13-Feb-02. ( bytes)

This document presents a method to bootstrap IPSec authentication via an 'Authentication Server' (AS) and legacy user authentication (e.g., RADIUS). The client machine communicates with the AS using a key exchange protocol where only the server is authenticated, and the derived keys are used to protect the legacy user authentication.

Return to Internet-Draft directory.

Return to IETF home page.