07-13-2021 04:48 AM
Hi All!
Today I need help understanding "WHEN" to use each protocol and mode of IPSec!
I'm not asking about definitions, please (...)
I know that the AH algorithm provides IA & anti-replay, and the ESP algorithm (protocol) provides CIA & anti-replay.
But both can be used in tunnel or transport mode,
so we have 4 cases:
AH Transport
AH Tunnel
ESP Transport
ESP Tunnel
Can you tell me, with examples, when I would choose one or the other?
So, for example, when we try to build IPsec site-to-site (using the internet), which case will be used?
It's important to understand the concepts before doing configuration, because it helps more and makes the configuration steps easier.
Thanks
07-13-2021 04:58 AM - edited 07-13-2021 05:26 AM
You would rarely, if ever, choose between AH and ESP.
ESP is always used, as it actually encrypts the data and authenticates the header, whereas AH only authenticates the header and does not encrypt the data.
I seem to recall that FTD no longer supports AH.
Tunnel mode encrypts the entire original IP packet, whereas transport mode only encrypts the data payload of the original packet. Tunnel mode is the default on Cisco devices.
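An added example, not part of the thread or any poster's reply: this Python code shows what a capture on the path reveals about the four cases from the question. The function names, addresses and SPI values are constructed for illustration, and a 96-bit AH ICV is assumed.

```python
import struct

ESP, AH = 50, 51      # IANA IP protocol numbers for ESP and AH
IPIP, IPV6 = 4, 41    # next-header values meaning "a whole inner IP packet follows"

def ipv4(proto, payload, src, dst):
    """Wrap payload in a minimal IPv4 header (checksum left at 0; constructed data)."""
    s, d = (bytes(int(o) for o in a.split(".")) for a in (src, dst))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                       0, 0, 64, proto, 0, s, d) + payload

def ah(next_hdr, spi, seq, inner):
    """AH header with an assumed 96-bit (12-byte) zeroed ICV, then the protected data."""
    return struct.pack("!BBHII", next_hdr, 4, 0, spi, seq) + bytes(12) + inner

def classify(packet):
    """Return (protocol, mode, spi, seq) for an IPv4 packet as seen on the wire."""
    ihl = (packet[0] & 0x0F) * 4
    proto, body = packet[9], packet[ihl:]
    if proto == AH:
        next_hdr, _, _, spi, seq = struct.unpack("!BBHII", body[:12])
        # AH is cleartext: next header 4/41 means tunnel mode, anything else transport.
        return ("AH", "tunnel" if next_hdr in (IPIP, IPV6) else "transport", spi, seq)
    if proto == ESP:
        spi, seq = struct.unpack("!II", body[:8])
        # With encryption in use, ESP's next-header byte is in the encrypted trailer,
        # so an observer sees only the SPI and sequence number, not the mode.
        return ("ESP", "not visible", spi, seq)
    return ("not IPsec", None, None, None)

# Constructed sample packets (documentation addresses, made-up SPIs).
inner = ipv4(6, bytes(20), "10.1.1.10", "10.2.2.20")   # private host-to-host packet
SAMPLES = {
    "AH transport": ipv4(AH, ah(6, 0x1001, 1, bytes(20)), "192.0.2.1", "198.51.100.1"),
    "AH tunnel":    ipv4(AH, ah(IPIP, 0x1002, 1, inner), "192.0.2.1", "198.51.100.1"),
    "ESP":          ipv4(ESP, struct.pack("!II", 0x2001, 7) + bytes(40),
                         "192.0.2.1", "198.51.100.1"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:13} -> {classify(pkt)}")
```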
07-13-2021 04:58 AM
Here are some differences from my notes:
ESP :