Tunnel vs Transport(IPSEC PROTOCOLS=ESP+AH)

Transport mode:-
==============
AH:-
Ethernet>Original-IP>AH>TCP>DATA
<------clear text, authenticated------>

ESP:-
Ethernet>Original-IP>ESP>TCP>DATA
<------clear-------><--encrypted--->

ESP+AH:-
--------
Ethernet>Original-IP>AH>ESP>TCP>DATA

Tunnel mode:-
===========
1)AH:-
Ethernet>PUBLIC-IP>AH>ORIGINAL-IP>TCP>DATA
<------------clear text, authenticated------------>
disadv:-
+doesn't support NAT-T (the outer IP header is covered by the AH integrity check, so any address rewrite on the path breaks it)
+in the IP header, TTL and checksum are excluded from the integrity check (they change at every hop)

2)ESP:-
Ethernet>PUBLIC-IP>ESP>[ORIGINAL-IP>TCP>DATA]
ESP encrypts the original IP header + TCP + data

ESP+AH:-
--------
Ethernet>PUBLIC-IP>AH>ESP>[ORIGINAL-IP>TCP>DATA]

OVERALL:-
tunnel mode = encrypts (hides) the original IP header
transport mode = doesn't encrypt the original IP header



Tunnel mode:-
=========
The entire original IP packet is protected by IPSec: IPSec wraps the original packet, encrypts it, adds a new IP header and sends it to the other side of the VPN tunnel.
example = site-to-site (S2S) VPN


IPSec Transport Mode:-
=================

IPSec Transport mode is used for end-to-end communications, for example, for communication between a client and a server or between a workstation and a gateway (if the gateway is being treated as a host). A good example would be an encrypted Telnet or Remote Desktop session from a workstation to a server.


So tunnel mode protects the original source and destination addresses by encapsulating the whole original packet under ESP, while in transport mode the original IP addresses stay visible because only the payload (TCP + data) is encapsulated.
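The following is an added example, not code from the post, that turns the layouts above into bytes. It builds AH packets in both transport and tunnel mode, computes the ICV with the mutable IP fields (TTL, checksum, and also DSCP/ECN and flags/fragment offset as RFC 4302 requires) zeroed, shows that a normal router hop keeps the ICV valid while a NAT rewrite of the source address breaks it (the reason AH and NAT do not mix), and goes one step beyond the text by classifying the mode from the AH Next Header field, which ESP hides inside its encrypted trailer. The key, addresses, SPI, TCP segment and the opaque ESP payload are constructed values; HMAC-SHA1-96 (RFC 2404) is used as the AH integrity algorithm.

```python
"""Added example (not from the post): AH in transport vs tunnel mode, the
mutable-field rule, and why a NAT address rewrite breaks AH.
All keys, addresses and the TCP segment are constructed demo values."""
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

IPPROTO_IPIP, IPPROTO_TCP, IPPROTO_ESP, IPPROTO_AH = 4, 6, 50, 51
AH_LEN = 24  # 12-byte fixed AH header + 12-byte (96-bit) ICV, HMAC-SHA1-96 (RFC 2404)


def ip_checksum(hdr):
    """Standard one's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def set_checksum(hdr):
    hdr = hdr[:10] + b"\x00\x00" + hdr[12:]
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header (no options), DF set, constructed ID."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                      ttl, proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return set_checksum(hdr)


def ah_header(next_header, spi, seq, icv=b"\x00" * 12):
    # RFC 4302: Payload Len = AH length in 32-bit words minus 2
    return struct.pack("!BBHII", next_header, AH_LEN // 4 - 2, 0, spi, seq) + icv


def ah_icv(key, packet):
    """ICV over the whole packet with mutable IP fields zeroed (RFC 4302 3.3.3.1):
    DSCP/ECN, flags+fragment offset, TTL, header checksum, and the ICV field itself."""
    ip = bytearray(packet[:20])
    ip[1] = 0
    ip[6:8] = b"\x00\x00"
    ip[8] = 0                 # TTL: routers decrement it, so it cannot be authenticated
    ip[10:12] = b"\x00\x00"   # checksum: changes whenever TTL changes
    ah = bytearray(packet[20:20 + AH_LEN])
    ah[12:24] = b"\x00" * 12
    data = bytes(ip) + bytes(ah) + packet[20 + AH_LEN:]
    return hmac.new(key, data, hashlib.sha1).digest()[:12]  # truncated to 96 bits


def build_ah_packet(key, src, dst, inner, spi=0x1000, seq=1, tunnel=False):
    """Transport mode: `inner` is the TCP segment and AH's Next Header is TCP (6).
    Tunnel mode: `inner` is the whole original IP packet and Next Header is IP-in-IP (4)."""
    next_header = IPPROTO_IPIP if tunnel else IPPROTO_TCP
    pkt = ipv4_header(src, dst, IPPROTO_AH, AH_LEN + len(inner)) + ah_header(next_header, spi, seq) + inner
    return pkt[:32] + ah_icv(key, pkt) + inner


def verify_ah(key, packet):
    return hmac.compare_digest(packet[32:44], ah_icv(key, packet))


def classify(packet):
    """What an on-path observer (e.g. an IDS) can tell from the outer header alone."""
    proto = packet[9]
    if proto == IPPROTO_AH:
        return ("AH", "tunnel" if packet[20] == IPPROTO_IPIP else "transport")
    if proto == IPPROTO_ESP:
        return ("ESP", None)  # Next Header sits in the encrypted ESP trailer: mode not visible
    return ("plain", None)


def router_hop(packet):
    """A legitimate hop: decrement TTL and fix the checksum (both excluded from the ICV)."""
    ip = bytearray(packet[:20])
    ip[8] -= 1
    return set_checksum(bytes(ip)) + packet[20:]


def nat_rewrite(packet, new_src):
    """A NAT device rewriting the source address (authenticated by AH, so the ICV breaks)."""
    ip = bytearray(packet[:20])
    ip[12:16] = IPv4Address(new_src).packed
    return set_checksum(bytes(ip)) + packet[20:]


# Constructed sample traffic: a TCP SYN to port 23 (telnet) from 10.0.0.5 to 10.0.0.9.
KEY = b"constructed-demo-key"
TCP_SEG = struct.pack("!HHIIBBHHH", 40000, 23, 1, 0, 0x50, 0x02, 8192, 0, 0)
TRANSPORT = build_ah_packet(KEY, "10.0.0.5", "10.0.0.9", TCP_SEG)
ORIGINAL = ipv4_header("10.0.0.5", "10.0.0.9", IPPROTO_TCP, len(TCP_SEG)) + TCP_SEG
TUNNEL = build_ah_packet(KEY, "203.0.113.1", "198.51.100.1", ORIGINAL, tunnel=True)
# Constructed ESP packet: SPI + sequence number, then placeholder bytes standing in for ciphertext.
ESP_SAMPLE = ipv4_header("203.0.113.1", "198.51.100.1", IPPROTO_ESP, 24) + struct.pack("!II", 0x2000, 1) + b"\x00" * 16

if __name__ == "__main__":
    for name, pkt in (("transport", TRANSPORT), ("tunnel", TUNNEL)):
        print(name, classify(pkt), "valid:", verify_ah(KEY, pkt),
              "after router hop:", verify_ah(KEY, router_hop(pkt)),
              "after NAT:", verify_ah(KEY, nat_rewrite(pkt, "203.0.113.7")))
    print("esp", classify(ESP_SAMPLE))
```

Running the script shows both AH packets verifying after a router hop but failing after the NAT rewrite, and that the ESP sample cannot be assigned a mode from the outside. In the tunnel-mode AH packet the original 10.0.0.x header is carried in the clear right behind AH (authenticated but not hidden), which is exactly the difference the OVERALL section draws between AH and ESP in tunnel mode.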
