Security Basics mailing list archives

IPSEC Tunnel vs Transport Mode

From: Robin Atler <ratler () enter net>
Date: 23 Apr 2003 13:51:12 -0000



I'm setting up a VPN.  I've read some documentation that states, rather 
generically, that IPSEC tunnels can run in either tunnel or transport 
mode.  Transport mode simply protects the message contents while tunnel 
mode protects the message contents and the original IP headers.  I'm using 
Cisco gear which says that transport mode only works when the tunnel 
endpoints are the conversing devices.  This doesn't seem quite right to me 
and I don't understand why that would be required.  Can anyone explain 
that or is paticular behavior this simply a "cisco-ism"?

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------

Current thread:

IPSEC Tunnel vs Transport Mode Robin Atler (Apr 23)
- RE: IPSEC Tunnel vs Transport Mode David Gillett (Apr 24)
- <Possible follow-ups>
- RE: IPSEC Tunnel vs Transport Mode Naman Latif (Apr 24)
- RE: IPSEC Tunnel vs Transport Mode Schouten, Diederik (Diederik) (Apr 24)
- Re: IPSEC Tunnel vs Transport Mode Mark Reardon (Apr 24)