IP ESP Modes
Transport mode
Tunnel mode
Original IP Header ESP ESP ESP
(plus options) Header TCP Data Trailer Auth
encrypted
authenticated
New IP Header ESP Original IP Header ESP ESP
(plus options) Header (plus options) TCP Data Trailer Auth
encrypted
authenticated
Adapted from RFC 2406
Previous slide
Next slide
Back to first slide
View graphic version