ipsec

Answered Question
Mar 26th, 2009

HI everybody!

IPsec also define two protocols, ESP and AH

ESP provides:

Authentication,

message intergrity

encrption antireplay.

For authenticationm which method does ESP use, pre-shared keys or digital signatures?

For message integrity, which method does esp use, HMAC-md5 or HMAC-SHA ?

AH protocol only provides:

Authentication

Message integrity

Which method does AH use for authentication and message integrity?

Thanks a lot and have a nice day!

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 10 months ago

Sarah

It's entirely up to you.

ESP can use either pre-shared keys or digital signatures for authentication.

For message intergrity it can use md5 or SHA.

For encryption it can use DES, 3DES, AES.

All of the above are assuming the actual device can support all methods.

AH - again up to you and device dependant.

When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Thu, 03/26/2009 - 16:35

Sarah

It's entirely up to you.

ESP can use either pre-shared keys or digital signatures for authentication.

For message intergrity it can use md5 or SHA.

For encryption it can use DES, 3DES, AES.

All of the above are assuming the actual device can support all methods.

AH - again up to you and device dependant.

When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.

Jon

Actions

This Discussion