Uses of Authentication Header (AH)
- Provide Authentication Services
- Verifies the originator of a message
- Verifies that data has not been changed on routing
Uses of Encapsulating Security Payload
(ESP)
- Encrypted the IP datagram
- AH ensures integrity but not privacy
Example of AH&ESP
#ah-md5-hmac AH-HMAC-MD5 transform
#ah-sha-hmac AH-HMAC-SHA transform
#esp-3des ESP transform using 3DES(EDE)cipher (168 bits)
#esp-des ESP transform using DES cipher (56 bits)
#esp-md5-hmac ESP transform using HMAC-MD5 auth
#esp-null ESP transform w/o cipher
#esp-sha-hmac ESP transform using HMAC-SHA auth
Command in CISCO Router
Config(config)# crypto ipsec transform-set CorpHQ-vpn esp-3des esp-md5-hmac
Config(config)# mode (tunnel or transport)
No comments:
Post a Comment