|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] IPSec in Transport mode or in Tunnel Mode
No, transport mode is not supported. Check out http://www.checkpoint.com/products/vpn1/vpnwp.html (about 3/4 of the way down the page) for some diagrams and a description of the difference. In short, transport encrypts the data and leaves the IP header intact, whereas tunnel encrypts everything including the original IP header and re-creates the packet with a new IP header. Tunnel is the most preferable from a security standpoint. If you need transport mode, the best solution may be to terminate your VPN somewhere other than the firewall (parallel/inside/outside depending on your network design). HTH Dan Hitchcock Security Analyst Breakwater Security [email protected] -----Original Message----- From: Martin WF Hui [mailto:[email protected]] Sent: Wednesday, February 14, 2001 7:08 AM To: [email protected] Subject: [FW1] IPSec in Transport mode or in Tunnel Mode Hi, Please tell me whether Checkpoint FW 4.1 can support IPSec in Transport Mode. What is the benefits on using Transport mode rather than Tunnel mode. Please also teach me how to build a Transport Mode IPSec Tunnel. Thanks a lot. Martin ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
