1 / 8

Gopal Dommety gdommety@cisco

Mobile IP VPN Design Team Update. Gopal Dommety gdommety@cisco.com. VPN Design Team Update. Problem Statement Base solution Optimizations Time Line. Problem Statement Draft. The Design Teams definition of Problem Statement is finished Focused on IPv4 Security Review by Radia Perlman

cmarvin
Download Presentation

Gopal Dommety gdommety@cisco

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mobile IP VPNDesign Team Update Gopal Dommety gdommety@cisco.com

  2. VPN Design Team Update • Problem Statement • Base solution • Optimizations • Time Line

  3. Problem Statement Draft • The Design Teams definition of Problem Statement is finished • Focused on IPv4 • Security Review by Radia Perlman • Draft is published • draft-ietf-mobileip-vpn-problem-statement-req-03 • Last Call, Review by the WG and IESG

  4. Solution Update • Solution • Base Solution • Optimizations • Base Solution – work completed • Need security review • Last Call for base solution after security review and Problem statement review by WG and IESG • Optimizations to be completed before next IETF

  5. Problem statement Intranet Internet VPN Conc Enterprise DM Zone • IP Sec VPN is used to access the Enterprise network • Seamless connectivity while outside the VPN domain • Seamless mobility when moving from one hotspot to another or to wide area wireless • Seamless connectivity while inside the VPN domain • Mobility while moving between inside & outside a VPN Domain

  6. Scenarios Intranet Internet MSP VPN Conc HA Encrypted IP Tunnel CN Internet Enterprise Airline 1 Ticketing, Baggage DM Zone -Placement of mobile IP and VPN elements: Several scenarios -The scenario shown above is considered in detail. Assumptions Access to the Enterprise from the Internet is via IP Sec VPNs IP Sec may not be always used when MN is within the Enterprise network FAs may be present and the solution has to take care of this scenario NOT CONSIDERED: IP sec instead of L2 encryption (of WLANs)

  7. Issues and Requirements • Issues • With out FA: The IPsec SA needs to be renegotiated on movement • With FA: FA has no visibility into IP sec packets • Problem Statement Draft Includes: • Issues that need to be addressed for providing seamless mobility in this scenario • Requirements for the solution • Working Group Last Call

  8. Thank You

More Related