IPsec Cheat Sheet

Question 1

What is ISAKMP protocol for IPsec?

Answer 1

A framework for the negotiation and management of security associations between peers

Question 2

What is IKE protocol for IPsec? (Internet Key Exchange)

Answer 2

A method for exchanging keys for encryption and authentication over an unsecured medium, such as the Internet. Using asymmetric cryptography

Question 3

What is ESP for IPsec? (Encapsulation Security Payload)

Answer 3

Provides data encryption, data integrity, and peer authentication. IP protocol 50

Question 4

What is AH for IPsec? (Authentication Header)

Answer 4

Provides data integrity and peer authentication ,but not data encryption. IP protocol 51

Question 5

What are the two IPsec modes and the differences? Which is the default

Answer 5

Transport mode: The ESP and AH header is inserted behind the IP header; the IP header can be authenticated but not encrypted

Tunnel mode: A new IP header is created in place of the original; this allows for the encryption of the entire original packet (the default)

Question 6

What are the two IKE phases for IPsec? Also, what are the other ways you can name those phases

Answer 6

IKE phase 1 tunnel -or- ISAKMP tunnel:
A bidirectional ISAKMP SA (Security Association) is established between peers to provide a secure management channel (IKE in main or aggressive mode)

IKE phase 2 tunnel -or- IPsec tunnel:
Two unidirectional IPsec SAs are established for data transfer using separate keys (IKE quick mode)