[c-nsp] vpn

Jay Hennigan jay at west.net
Fri Sep 2 17:02:02 EDT 2005


On Fri, 2 Sep 2005, Mad Unix wrote:

> I want to know what are the differences between Authentication Header (AH)
> and Encapsulation Security Payload (ESP)?

Authentication Header is a means to authenticate the peer, verifying
that communications are with correct endpoint and not an impostor.  It
has nothing to do with encrypting the data in transit, only verifying
the identity of the remote end.

Encapsulation Security Payload encrypts the data to hide its meaning
from a third party that could intercept it in transit.  It does not
verify the identity of the remote peer.

Together, the two protocols are intended to ensure that communications
travel only to the correct endpoint (AH) and that the meaning is obscured
should the traffic be intercepted (ESP).

--
Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
WestNet:  Connecting you to the planet.  805 884-6323      WB6RDV
NetLojix Communications, Inc.  -  http://www.netlojix.com/


More information about the cisco-nsp mailing list