Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IPSec AH or ESP in tunnel mode

When using IPSec with tunneled mode-AH or tunneled mode-ESP, what are the new SRC and DST IP address used to construct the IPSec's outer IP HDR ? And Why ? And how does Cisco (and other vendors) do this ? What are the Cisco command to use ? Thanks !

1 REPLY
Community Member

Re: IPSec AH or ESP in tunnel mode

Hi,

Here is a good documentation explain AH and ESP, also the difference between tunnel mode and transport mode:

http://www.cisco.com/warp/public/cc/techno/protocol/ipsecur/ipsec/prodlit/dplip_in.htm

Here is a basic one with config explaination:

http://www.cisco.com/warp/customer/105/IPSECpart1.html

The command to choose AH, ESP and mode is in the "crypto transform-set"

crypto ipsec transform-set MamaBear ah-md5-hmac esp-des mode

Please check above links for more details.

Best Regards,

366
Views
0
Helpful
1
Replies
CreatePlease to create content