Hi Kings, According to my limited knowledge, if both AH and ESP are configured in IPSec transform set, the result IPSec packet will be IP protocol 51 as the AH will encapsulate ESP. You do not need to configure ESP in the ACL in this case. In addition to that both protocols use separate SPI number, so there are two Inbound SA and two Outbound SA created (although there is on packet on the wire).
Regards, Piotr 2011/6/11 Kingsley Charles <[email protected]> > I think, the following is the order for this combination: > > ESP Encryption + ESP Authentication ---- > ESP authenticates ESP > encrypted data > > > With regards > Kings > > > On Sat, Jun 11, 2011 at 7:15 PM, Vybhav Ramachandran <[email protected]>wrote: > >> Thanks a lot for all the information Kingsley! :) >> >> Cheers, >> TacACK >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
