Subject: NULL encryption for IPSec ESP
To: None <>
From: Hendra Widarta <>
List: tech-net
Date: 03/13/2002 07:29:47

According to RFC-2410, there's NULL encryption for IPSec ESP.

My ipsec configuration is:
add a.b.c.d p.q.r.s esp 0x2222 -A hmac-md5 "authentication!!" ;
add p.q.r.s a.b.c.d esp 0x5555 -A hmac-md5 "authentication!!" ;
spdadd a.b.c.d p.q.r.s any -P out ipsec esp/transport//require ;

R# setkey -f ipsec.conf
The result of line 1: Invalid argument.
The result of line 2: Invalid argument.

Security policy is created, but there is no SAD.
Is that possible to make IPSec/Manual-key connection through
"ESP Null encryption"? Is "ESP Null encryption" only for IKE?

FYI, I have tried null_enc for IKE/racoon (phase-2), and it's OK.


Do You Yahoo!?
Try FREE Yahoo! Mail - the world's greatest free email!