Security Basics mailing list archives
RE: AH for IPSec esp tunnel mode?
From: "Dina Kamal" <dina () synergyct com>
Date: Wed, 9 Apr 2003 12:27:07 +0400
No ...you do not need to as long as you have esp/tunnel mode. AH provides integrity and data origin authentication for the payload plus the IP hearder where as ESP alone provides Confidentiality (Encryption), integrity and authentication but for the payload only But when you use ESP + tunnel mode , you actually obtain the benefits of both Regards, Dina -----Original Message----- From: news [mailto:news () main gmane org]On Behalf Of Matthias Teege Sent: Friday, April 04, 2003 3:44 PM To: security-basics () securityfocus com Subject: AH for IPSec esp tunnel mode? I have a IPSec tunnel between to gateways in esp/tunnel mode. Is it necessary to make use of ah in a setup like that? Many thanks Matthias -- Matthias Teege -- http://www.mteege.de make world not war PGP-Key auf Anfrage ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- AH for IPSec esp tunnel mode? Matthias Teege (Apr 04)
- RE: AH for IPSec esp tunnel mode? Dina Kamal (Apr 09)
- <Possible follow-ups>
- RE: AH for IPSec esp tunnel mode? Raghu Chinthoju (Apr 04)