kindly note that i m not using any certificates for isakmp tunnel . ie my
isakmp tunnel is only based on pre shared key .
On Thu, Nov 18, 2010 at 5:51 AM, ehtesham ali <conect2ehtesham_at_gmail.com>wrote:
> hi group , really confused with different keys used in GET vpn
>
> my understanding ,
> * initial protection is provided by isakmp tunnel where gm's download kek ,
> tek and acl.
>
> *now when gm talk to another gm he will use tek which is common for all .
> sounds like symmetric key.
>
> * isakmp vanishes , tek key refreshment timer expires , now the next tek is
> encrypted with kek and pushed by key server.
>
> questions ?
>
> where i m confused : when will the ks , gm's used RSA private and public
> keys ???
>
> is it that ks uses gm's public keys to send new tec ???
>
> As tec is refreshed periodically by encrypting it with kek. does that mean
> kek remains same ie constant as downloaded from ks and ONLY TEC CHANGES
> .?
>
> ---> kindly tell me the application of private and pulic keys in gdoi
> environment
>
> thanks in advanced
Blogs and organic groups at http://www.ccie.net
Received on Thu Nov 18 2010 - 05:58:50 ART
This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:56 ART