A method for configuration of IPsec clients using DHCP

Document Type Expired Internet-Draft (individual)
Author Michael Richardson 
Last updated 2003-02-18
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


IPsec technology is frequently used for remote access scenarios. A tunnel is established from a mobile node (such as a laptop) and an IPsec gateway located at the Enterprise. The mobile node's tunnel outer address is potentially any IP address on the Internet. The mobile node's tunnel inner address should be an address from within the enterprise. The assignment of this address should ideally be done dynamically. This document specifies a configuration mode called 'DHCP over IKE'. The document specifies that the payload of a DHCP exchange should be carried over an IKE phase 1 exchange.


Michael Richardson (mcr@sandelman.ottawa.on.ca)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)