Re: IPsec-Protocol Explanantion

srikanth ath · ‎11-20-2012

Hi,

Can anyone kindly, provide me how site to site VPN works.

And also the detailed expalanation the purpose of each parameters in phase1 and phase2 parameters.

Like:

AH, Difie-Halman Groups

SA. Polocies, Crypto-ISAKmp, Crypto-IPSEC.

It will be great help for me if youprovide me some inputs on this as much i couldnt get the info on browsers.

Thanks in advance.

Regards,

Srikanth

srikanth ath · ‎11-20-2012

hi

can anyone help me out pls.

Regards

sri

Javier Portuguez · ‎11-20-2012

Hi Srikanth,

Please check this out and let me know if you have any questions:

Configuring LAN-to-LAN VPNs

Portu.

HTH.

Please rate any helpful posts

srikanth ath · ‎11-20-2012

Perfect. Will definetly let you know if i have any queries

Thanks again,

Srikanth

srikanth ath · ‎11-21-2012

Hi,

I went through the document and here i have few queries, kindly answer them.

1. how deffie-hellman is helpful here in L2L vpn.

2. What is the purpose of Hash here and let me know something more about this in concepts of L2L VPN.

3. Difference between Tunnel mode and Transport mode.

Regards,

Srikanth

Javier Portuguez · ‎11-21-2012

Hi,

How deffie-hellman is helpful here in LAN-to-LAN VPN?

Deffie-Helman is a way to establish secure tunnel between two endpoints.

The Diffie-Hellman group is to establish the strength of the encryption-key-determination algorithm. The security appliance uses this algorithm to derive the encryption and hash keys.

What is the purpose of Hash here and let me know something more about this in concepts of L2L VPN.

During Phase I negotiation in main mode, the ASA uses Diffie-Hellman exchange to generate shared secret keying information, used to generate shared secret keys and to pass nonces-random numbers sent to the other party and then signed and returned to prove their identity.

Transport Mode vs. Tunnel Mode

HTH.

Please mark this post as answered in case you do not have any further questions.

Portu