Previous Section
 < Day Day Up > 
Next Section


IPsec Modes

You can use IPsec capabilities for either normal transport or for packet tunneling. With normal transport, packets are encrypted and sent to the next destination. The normal transport mode is used to implement direct host-to-host encryption, where each host handles the IPsec encryption process. Packet tunneling is used to encrypt transmissions between gateways, letting the gateways handle the IPsec encryption process for traffic directed to or from an entire network, rather than having to configure IPsec encryption for each host. With packet tunneling, the packets are encapsulated with new headers for a specific destination, enabling you to implement virtual private networks (VPNs). Packets are directed to VPN gateways, which encrypt and send on local network packets.

Note 

You can choose to encrypt packets for certain hosts or for those passing through specific ports.



Previous Section
 < Day Day Up > 
Next Section
This HTML Help has been published using the chm2web software.