Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
267
Views
0
Helpful
1
Replies

ipsec

Go to solution
sarahr202
Level 5
Level 5

‎03-26-2009 04:27 PM - edited ‎03-06-2019 04:50 AM

HI everybody!

IPsec also define two protocols, ESP and AH

ESP provides:

Authentication,

message intergrity

encrption antireplay.

For authenticationm which method does ESP use, pre-shared keys or digital signatures?

For message integrity, which method does esp use, HMAC-md5 or HMAC-SHA ?

AH protocol only provides:

Authentication

Message integrity

Which method does AH use for authentication and message integrity?

Thanks a lot and have a nice day!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-26-2009 04:35 PM

Sarah

It's entirely up to you.

ESP can use either pre-shared keys or digital signatures for authentication.

For message intergrity it can use md5 or SHA.

For encryption it can use DES, 3DES, AES.

All of the above are assuming the actual device can support all methods.

AH - again up to you and device dependant.

When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.

Jon

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-26-2009 04:35 PM

Sarah

It's entirely up to you.

ESP can use either pre-shared keys or digital signatures for authentication.

For message intergrity it can use md5 or SHA.

For encryption it can use DES, 3DES, AES.

All of the above are assuming the actual device can support all methods.

AH - again up to you and device dependant.

When you configure an IPSEC VPN on a Cisco device eg. router/firewall you choose which to use.

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card