• caglararli@hotmail.com
  • 05386281520

IPSec in tunnel model with AH&ESP: position of original IP header?

Çağlar Arlı      -    10 Views

IPSec in tunnel model with AH&ESP: position of original IP header?

I am studying IPSec in tunnel mode when first applying ESP and then AH and am wondering about the position of the original IP header. I see two options:

  1. IP header (crypto), AH header, ESP header, IP header (comm), ...
  2. IP header (crypto), AH header, IP header (comm), ESP header, ...

where "IP header (crypto/comms)" is the IP header for the cryptographic/communication endpoints. Option 1. makes more sense to me since the communication IP addresses would also be encrypted.