03-26-2009 04:27 PM - edited 03-06-2019 04:50 AM
HI everybody!
IPsec also define two protocols, ESP and AH
ESP provides:
Authentication,
message intergrity
encrption antireplay.
For authenticationm which method does ESP use, pre-shared keys or digital signatures?
For message integrity, which method does esp use, HMAC-md5 or HMAC-SHA ?
AH protocol only provides:
Authentication
Message integrity
Which method does AH use for authentication and message integrity?
Thanks a lot and have a nice day!
Solved! Go to Solution.
03-26-2009 04:35 PM
Sarah
It's entirely up to you.
ESP can use either pre-shared keys or digital signatures for authentication.
For message intergrity it can use md5 or SHA.
For encryption it can use DES, 3DES, AES.
All of the above are assuming the actual device can support all methods.
AH - again up to you and device dependant.
When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.
Jon
03-26-2009 04:35 PM
Sarah
It's entirely up to you.
ESP can use either pre-shared keys or digital signatures for authentication.
For message intergrity it can use md5 or SHA.
For encryption it can use DES, 3DES, AES.
All of the above are assuming the actual device can support all methods.
AH - again up to you and device dependant.
When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: