Re: IPSec transform sets

From: Lachlan Kidd (Lachlan_Kidd@xxxxxxxxxxxx)
Date: Sun Oct 08 2000 - 19:42:07 GMT-3


   

Hi Jack,
     Have a look at
http://www.cisco.com/warp/customer/105/IPSECpart3.html
It has definitions for both. As I understand it, it's something like this:

Tunnel mode
[New Header][IPSec info][Original Header][Original Payload][Original Checksum][New Checksum]
|----------------------------Encrypted---------------------------------------|
Basically the original packet is completely encrypted in a new packet.

Transport Mode
[Original Header][Original Payload][Original Checksum]
            |----Encrypted-------|
In this case, information from Layer 4 and up is encrypted, leaving the
lower layers (including IP) in the clear.

These diagrams are pretty crude, I am just trying to show the broad
concepts <grin>
Regards,
     Lachlan

"Jack Heney" <jheneyccie@hotmail.com>
Sent by: nobody@groupstudy.com
06/10/00 05:53 AM
Please respond to "Jack Heney"

To: ccielab@groupstudy.com
cc:
Subject: IPSec transform sets

Dear people who know more about ipsec than I do,
Could somebody explain the use of tunnel mode vs. transport mode in a
transform set? I know that it only applies to traffic that is sourced from
and destined for the peer addresses themselves, but what does transport
mode actually do? Thanks in advance, Jack
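
Added example, not part of the original posts: a Python sketch that lays out ESP transport-mode and tunnel-mode encapsulation for one constructed IPv4 packet and reports which byte range the cipher would cover. It goes beyond the diagrams above by following the RFC 2406 ESP layout (SPI and sequence number in the clear, padding trailer, ICV at the end); no real encryption is performed, the cipher IV is omitted, and the addresses, SPI and payload are constructed sample values.

```python
import socket
import struct

ESP, IPIP = 50, 4  # IP protocol numbers: ESP, and IPv4-in-IP (ESP "next header")

def ipv4_header(src, dst, proto, payload_len):
    """Build a 20-byte IPv4 header (no options) with a valid header checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    s = sum(struct.unpack("!10H", hdr))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    return hdr[:10] + struct.pack("!H", ~s & 0xFFFF) + hdr[12:]

def esp_wrap(inner, next_header, spi=0x1000, seq=1, block=8, icv_len=12):
    """Return (esp_bytes, (start, end)); start:end is what the cipher would cover.
    Bytes are left unencrypted and the ICV is a zero placeholder (assumptions)."""
    pad_len = -(len(inner) + 2) % block          # align body to the cipher block
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    body = inner + trailer
    return struct.pack("!II", spi, seq) + body + bytes(icv_len), (8, 8 + len(body))

def transport_mode(packet):
    """Keep the original addresses; only layer 4 and up goes inside ESP."""
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    esp, (a, b) = esp_wrap(packet[20:], packet[9])  # assumes a 20-byte IP header
    return ipv4_header(src, dst, ESP, len(esp)) + esp, (20 + a, 20 + b)

def tunnel_mode(packet, gw_src, gw_dst):
    """Put the whole original packet, IP header included, inside ESP."""
    esp, (a, b) = esp_wrap(packet, IPIP)
    return ipv4_header(gw_src, gw_dst, ESP, len(esp)) + esp, (20 + a, 20 + b)

# Constructed sample: 20 stand-in bytes for a TCP segment between two hosts.
SEGMENT = b"T" * 20
ORIGINAL = ipv4_header("10.1.1.10", "10.2.2.20", 6, len(SEGMENT)) + SEGMENT

if __name__ == "__main__":
    for name, (pkt, (a, b)) in (
        ("transport", transport_mode(ORIGINAL)),
        ("tunnel", tunnel_mode(ORIGINAL, "192.0.2.1", "198.51.100.1")),
    ):
        print(f"{name}: {len(pkt)} bytes, clear 0..{a - 1}, "
              f"cipher region {a}..{b - 1}, ICV {b}..{len(pkt) - 1}")
```

In both modes the first 28 bytes (outer IP header plus SPI and sequence number) stay readable on the wire; the difference is whether the original host addresses sit in that readable part (transport) or inside the protected region (tunnel).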



This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:24 GMT-3