×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

IPSec AH or ESP in tunnel mode

Unanswered Question
Aug 16th, 2002
User Badges:

When using IPSec with tunneled mode-AH or tunneled mode-ESP, what are the new SRC and DST IP address used to construct the IPSec's outer IP HDR ? And Why ? And how does Cisco (and other vendors) do this ? What are the Cisco command to use ? Thanks !

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paqiu Fri, 08/16/2002 - 17:26
User Badges:

Hi,


Here is a good documentation explain AH and ESP, also the difference between tunnel mode and transport mode:

http://www.cisco.com/warp/public/cc/techno/protocol/ipsecur/ipsec/prodlit/dplip_in.htm


Here is a basic one with config explaination:

http://www.cisco.com/warp/customer/105/IPSECpart1.html


The command to choose AH, ESP and mode is in the "crypto transform-set"

crypto ipsec transform-set MamaBear ah-md5-hmac esp-des mode

Please check above links for more details.


Best Regards,


Actions

This Discussion