IPsec tunnel mode ________.

Prepare for the Network Security (NETSEC) 3 Test with flashcards and multiple choice questions. Each question offers hints and explanations. Get exam-ready efficiently!

Multiple Choice

IPsec tunnel mode ________.

Explanation:
IPsec mode determines how packets are protected and routed. In tunnel mode, the entire original IP packet is encapsulated and a new IP header is added, which is ideal for site-to-site VPNs between gateways. This setup makes firewall and NAT traversal more straightforward, because the traffic appears as VPN traffic between gateways and can use NAT Traversal (NAT-T) techniques to pass through networks that filter or block non-VPN traffic. In contrast, host-to-host protection is provided by transport mode, which encrypts only the payload of a packet and is used for end-to-end protection between hosts, not for gateway-to-gateway VPNs. Tunnel mode is therefore the one that aligns with firewall/NAT traversal expectations, which is why it is considered firewall-friendly.

