Chapter 20 - Implementing Site-to-Site VPNs Flashcards Preview

Flashcards in Chapter 20 - Implementing Site-to-Site VPNs Deck (1):
1


What protocols / ports may be required for IPSec to function?


UDP Port 500 - IKE Phase 1 negotiation

UDP Port 4500 - NAT-T (NAT Traversal) if there is NAT taking place on both endpoints.

Layer 4 Protocol 50 (ESP) - ESP is needed at layer 4 for encapsulation and de-encapsulation of each IPSec packet

Optional (if AH is being used)

Layer 4 Protocol 51 (AH) - AH is not usually used because it does not encrypt packets.