IPsec modes: Understanding transport vs. tunnel modes for VPN security

Did you know that there are two types of IPsec modes? This article series walks you through examples, behaviors and implementation of both.

When building a virtual private network (VPN), the Internet Protocol security (IPsec) protocol is an essential ingredient for properly protecting VPN traffic. IPsec's primary objective is to provide security services for IP packets. These services include data encryption, authentication and protection against replay attacks.

Discovering IPsec modes

IPsec can operate in two different modes: IPsec tunnel mode and IPsec transport mode. Which mode to use depends heavily on your network topology and the purpose of your VPN.

To help explain these modes and their applications, we will provide a few examples in the following articles:

Chris Partsenidis

About the author: Chris Partsenidis is the founder and senior editor of www.Firewall.cx -- one of the few websites Cisco Systems recommends in its world-class Cisco Academy program. Firewall.cx is also the only official Cisco Press reviewer in the world. He has a degree in electrical technology and holds the following certifications: CNA for NetWare 3, 4 and 5; Cisco's CCNA; Microsoft's MCP; DCE (D-Link Certified Engineer); LCP (Linux Certified Professional); Network+; A+; Symantec STS; SSE; SSE+ and Hellas-Sat Certified Engineer.

This was last published in June 2012
