So, I'm a bit confused -- Just started reading about GET VPN and in Yusuf's book "Network Security Technologies & Solutions" there is a diagram that shows an IP packet after GET VPN encapsulation and it is basically IPSEC transport mode as follows
[IP Header] [ESP] [DATA] Then today I am reading the 12.4T configuration guide for GETVPN and it contradicts this saying that it is actually TUNNEL mode but the outer and inner IP headers are identical. See http://www.cisco.com/en/US/i/100001-200000/170001-180000/170001-171000/170836.jpg So they are saying it looks like this [IP Header2] [ESP] [IP Header 1] [ DATA] where both IP headers are identical copies. Which is it? It seems from further research that the DOC CD is correct, but I want to make sure. Further, if that IS the case why in the world would they use a second IP header that is identical in tunnel mode instead of just using IPSEC transport mode as described in the book? Thanks everybody! -- Regards, Joe Astorino CCIE #24347 http://astorinonetworks.com "He not busy being born is busy dying" - Dylan _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
