best method to accomplish the transport of EIGRP traffic?

To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the
best method to accomplish the transport of EIGRP traffic?

To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the
best method to accomplish the transport of EIGRP traffic?

A.
IPSec in tunnel mode

B.
IPSec in transport mode

C.
GRE with IPSec in transport mode

D.
GRE with IPSec in tunnel mode



Leave a Reply 2

Your email address will not be published. Required fields are marked *

one × one =


John Reed

John Reed

The ARCH manual says the answer is “D”, GRE with IPsec in Tunnel mode. Integrating p2p GRE with either IPsec tunnel mode or transport mode has been debated. Tunnel mode adds an additional 20 bytes to the total packet size. Either tunnel or transport mode work in a p2p GRE over IPsec implementation; however, several restrictions with transport mode should be considered. If the crypto tunnel transits either a Network Address Translation (NAT) or Port Address Translation (PAT) device, tunnel mode is required. In addition, this design guide shows configuration examples for implementing p2p GRE over IPsec where the p2p GRE tunnel endpoints are different than the crypto tunnel endpoints. Tunnel mode is also required in these cases.

Lonesomeboy

Lonesomeboy

Agreed. The tunnel mode of IPSec means that all of the original headers have been secured behind the new tunnel header and are therefore more secure and useful (NAT traversal).