Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2815
Views
0
Helpful
2
Replies

IOS - IPSec over TCP

osiristrading123
Level 1
Level 1

‎11-12-2007 10:18 PM - edited ‎03-03-2019 07:31 PM

Hi everyone

I know it's possible to run IPSec over TCP on a Cisco Pix/ASA, but is it possible with Cisco IOS?

Secondly, if the above is possible, can one choose to use no encryption on the tunnel?

Thanks for any assistance.

Labels:
0 Helpful
2 Replies 2

ajagadee
Cisco Employee
Cisco Employee

‎11-15-2007 08:11 PM

Yes, it is possible to run IPSec Over TCP on the routers. Please refer the information posted by Gregory in the previous post.

As far as the second part of the question, IPSec Over TCP is an option you use when you have VPN Clients connecting to the IOS Router that acting as a VPN Server. By enabling the option "IPSec Over TCP", all that you are doing is Encapsulating IKE and IPSEC packets in a TCP Packet. The packets are already encryped using ESP.

If you are looking to just tunnel traffic across two routers without encryption, then you could use GRE. But again, in GRE there is no encryption, so no confidentiality. So, if you have sensitive traffic flowing across the sites and your security policy is to provide confidentiality for that traffic, do encryption.

I hope it helps.

Regards,

Arul

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card