18.104.22.168 Receiving Message #3
On receipt of message #3, the host MUST validate the message, as specified in [RFC2408] section 5. In addition, the host MUST:
Verify that the Responder Cookie field in the ISAKMP header is not zero.
Verify that the Responder Cookie field in the ISAKMP header is the same as the cookie sent in the Notify payload of message #2. The actual verification mechanism is implementation-dependent.<30>
If this verification succeeds, the host MUST process message #3 as a normal ISAKMP message. Otherwise, the host MUST process message #3 in the same way as message #1.
Subsequent messages received for this SA on the host in DoS Protection mode MUST be processed the same as message #3.
Subsequent messages received for SAs for which no state exists in the SAD MUST be processed in the same way as message #1.