RFC 3456 (rfc3456) - Page 1 of 18
Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode
Alternative Format: Original Text Document
Network Working Group B. Patel
Request for Comments: 3456 Intel Corp
Category: Standards Track B. Aboba
Microsoft
S. Kelly
Airespace
V. Gupta
Sun Microsystems, Inc.
January 2003
Dynamic Host Configuration Protocol (DHCPv4)
Configuration of IPsec Tunnel Mode
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
This memo explores the requirements for host configuration in IPsec
tunnel mode, and describes how the Dynamic Host Configuration
Protocol (DHCPv4) may be leveraged for configuration. In many remote
access scenarios, a mechanism for making the remote host appear to be
present on the local corporate network is quite useful. This may be
accomplished by assigning the host a "virtual" address from the
corporate network, and then tunneling traffic via IPsec from the
host's ISP-assigned address to the corporate security gateway. In
IPv4, DHCP provides for such remote host configuration.
Patel, et. al. Standards Track