03-26-2009 04:27 PM - edited 03-06-2019 04:50 AM
HI everybody!
IPsec also define two protocols, ESP and AH
ESP provides:
Authentication,
message intergrity
encrption antireplay.
For authenticationm which method does ESP use, pre-shared keys or digital signatures?
For message integrity, which method does esp use, HMAC-md5 or HMAC-SHA ?
AH protocol only provides:
Authentication
Message integrity
Which method does AH use for authentication and message integrity?
Thanks a lot and have a nice day!
Solved! Go to Solution.
03-26-2009 04:35 PM
Sarah
It's entirely up to you.
ESP can use either pre-shared keys or digital signatures for authentication.
For message intergrity it can use md5 or SHA.
For encryption it can use DES, 3DES, AES.
All of the above are assuming the actual device can support all methods.
AH - again up to you and device dependant.
When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.
Jon
03-26-2009 04:35 PM
Sarah
It's entirely up to you.
ESP can use either pre-shared keys or digital signatures for authentication.
For message intergrity it can use md5 or SHA.
For encryption it can use DES, 3DES, AES.
All of the above are assuming the actual device can support all methods.
AH - again up to you and device dependant.
When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide