Cisco Cisco Packet Data Gateway (PDG)
SecGW Changes in Release 16
▀ SecGW Enhancements for 16.1
▄ Release Change Reference, StarOS Release 16
448
SecGW Enhancements for 16.1
This section identifies all of the SecGW enhancements included in this release:
Feature Changes – new or modified features or behavior changes. For details, refer to the SecGW Administration
Guide for this release.
Guide for this release.
Command Changes – changes to any of the CLI command syntax. For details, refer to the Command Line Interface
Reference for this release.
Reference for this release.
Performance Indicator Changes – new, modified, and deprecated bulk statistics, disconnect reasons, counters and/or
fields in new or modified schema and/or show command output. For details, refer to the Statistics and Counters
Reference for this release.
fields in new or modified schema and/or show command output. For details, refer to the Statistics and Counters
Reference for this release.
Important:
This release includes enhancements that are applicable to multiple products. The following lists the
various multi-product enhancements sections, some of which might include content applicable to your SecGW.
AAA Enhancements
ADC Enhancements
CF Enhancements
ECS Enhancements
Firewall Enhancements
GTPP Enhancements
Lawful Intercept Enhancements
InTracer Enhancements
MVG Enhancements
NAT Enhancements
SNMP MIB Enhancements
System & Platform Enhancements
CSCtt22271 - RFC 4303 ESN
Feature Changes
ESN for ikev2
Every IKE message contains a Message ID (sequence number) as part of its fixed header. This sequence number is a
monotonically increasing integer (incremented by 1 for every packet sent) used to match up requests and responses, and
to identify retransmissions of messages. The sequence is a 32-bit integer which is zero for the first IKE request in each
direction.
monotonically increasing integer (incremented by 1 for every packet sent) used to match up requests and responses, and
to identify retransmissions of messages. The sequence is a 32-bit integer which is zero for the first IKE request in each
direction.
RFC 4304 outlines support for a 64-bit Extended Sequence Number (ESN) implemented for ikev2. The ESN transform
is included in an ikev2 proposal used in the negotiation of IKE SAs as part of the IKE_SA_INIT exchange.
is included in an ikev2 proposal used in the negotiation of IKE SAs as part of the IKE_SA_INIT exchange.