ipsec

Answered Question
Mar 26th, 2009
User Badges:
  • Bronze, 100 points or more

HI everybody!

IPsec also define two protocols, ESP and AH

ESP provides:

Authentication,

message intergrity

encrption antireplay.


For authenticationm which method does ESP use, pre-shared keys or digital signatures?

For message integrity, which method does esp use, HMAC-md5 or HMAC-SHA ?



AH protocol only provides:

Authentication

Message integrity

Which method does AH use for authentication and message integrity?


Thanks a lot and have a nice day!

Correct Answer by Jon Marshall about 8 years 2 months ago

Sarah


It's entirely up to you.


ESP can use either pre-shared keys or digital signatures for authentication.


For message intergrity it can use md5 or SHA.


For encryption it can use DES, 3DES, AES.


All of the above are assuming the actual device can support all methods.


AH - again up to you and device dependant.


When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Thu, 03/26/2009 - 16:35
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Sarah


It's entirely up to you.


ESP can use either pre-shared keys or digital signatures for authentication.


For message intergrity it can use md5 or SHA.


For encryption it can use DES, 3DES, AES.


All of the above are assuming the actual device can support all methods.


AH - again up to you and device dependant.


When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.


Jon

Actions

This Discussion