Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 473
  • Last Modified:

ESP and AH transform-set command

When I do a crypto ipsec transform-set ?
I see:

ah-md5-hmac
ah-sha-hmac
comp-lzs
esp-des
esp-md5-hmac
esp-null
esp-sha-hmac

I always choose esp-des.
When's the proper time to choose ESP and when's the proper time to choose AH?

0
dissolved
Asked:
dissolved
1 Solution
 
JFrederick29Commented:
You can use AH alone when you are just looking for authentication and anti-replay services without encryption.  If you want encryption you need to use ESP.  ESP also provides authentication.  Typically you are going to use ESP for your VPN tunnel.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now