I know that SPI plays an important role in IPsec. But I want to know that: Is it possible to remove SPI from IPSec header and still get it work?
Is it possible to remove SPI from IPSec header?
94 Views Asked by Ali Haghighat At
1
There are 1 best solutions below
Related Questions in IPSEC
- Unable to correctly configure StrongSwan with site-to-site connection and road warrior
- To allow IPsec NAT-T traffic to pass through, why does the firewall still need to permit ESP when it already allows UDP 4500?
- Need IPSEC Pcap format for AH next header with TCP/UDP
- How to check logs for IPsec through windows defender firewall
- StrongSwan IPSec VPN - IKEv2 - LetsEncrypt Certificate Issue (building CRED_PRIVATE_KEY - RSA failed, tried 10 builders)
- Unable to reach network 172.16.0.0/24 from containers on an external node with an IPsec tunnel to vCloud Director
- IPSec What is IKE Phase 2 brining?
- Understanding a Fortigate IPSEC packet flow
- Strongswan log file can not be created
- Forwarding FTP port on IP-SEC server to another FTP server
- Ip xfrm state command displays key information, which may cause information leakage. Is there any way to prevent users from viewing key information?
- when does nat_t_detected value comes as false in AWS site to site VPN tunnels logs
- Cisco/AWS IKEv2/IPSEC Site-to-Site VPN: Received an IKE msg id outside supported window
- Cannot establish a connection using StrongSwan: "no config named"
- xfrm state encap espinudp: caputure espinudp package but xfrm not work
Related Questions in SA
- I can not login with sa user with entity framework in .net core web api project 6.0. I am able to login on with sa user on sql server management
- storage bucket permissions GCP
- Strong password for SQL Server doesn't follow the documentation
- 'sa' user is "pinging" my Azure SQL Database
- set mixed mode authentication in SQLCMD
- why I search Milvus return `The vector dimension must be equal to the collection dimension`?
- NER german natural objects
- How can I copy CTRL-C content from a single cell in DBISQL?
- SA default password SQL Server on Linux
- SQL Server 2014 sa account audit trail
- Sql Server 2012 enterprise "sa" login failed. Error: 18456
- Why I cannot change sa password using osql?
- Is it possible to remove SPI from IPSec header?
- SQL Srv 2016: Login failed for user 'MicrosoftAccount\...'
- Print my sa password
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I don´t think that could be possible. But It´s always depends of the kernel´s implementations.
According to the RFC 4301, a SA is identify by three parameters: IP destination, Security Protocol (AH, ESP) and a SPI.
The SPI is unique, if we had a SA with the same IP destination and same Security Protocol (for example, diferent encryption algorithm) the only parameter that could differentiate the SA is the SPI, needed to map the traffic.
https://www.rfc-editor.org/rfc/rfc4301