Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1204
Views
0
Helpful
1
Replies

IPSec AH or ESP in tunnel mode

tj6512
Level 1
Level 1

‎08-16-2002 01:48 AM - edited ‎02-21-2020 12:00 PM

When using IPSec with tunneled mode-AH or tunneled mode-ESP, what are the new SRC and DST IP address used to construct the IPSec's outer IP HDR ? And Why ? And how does Cisco (and other vendors) do this ? What are the Cisco command to use ? Thanks !

Labels:
0 Helpful
1 Reply 1

paqiu
Level 1
Level 1

‎08-16-2002 05:26 PM

Hi,

Here is a good documentation explain AH and ESP, also the difference between tunnel mode and transport mode:

http://www.cisco.com/warp/public/cc/techno/protocol/ipsecur/ipsec/prodlit/dplip_in.htm

Here is a basic one with config explaination:

http://www.cisco.com/warp/customer/105/IPSECpart1.html

The command to choose AH, ESP and mode is in the "crypto transform-set"

crypto ipsec transform-set MamaBear ah-md5-hmac esp-des mode

Please check above links for more details.

Best Regards,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents