Table 1-5 IPSec Attributes
IPSec Attribute
|
Description
|
Main Mode and Aggressive
Mode
|
Ways to negotiate phase one of establishing ISAKMP Security
Associations (SAs)
|
Authentication algorithms
|
|
Authentication Modes
|
|
Diffie-Hellman Groups
|
|
Encryption algorithms
|
|
Extended Authentication
(XAUTH)
|
The capability of authenticating a user within IKE. This
authentication is in addition to the normal IKE phase 1
authentication, where the IPSec devices authenticate each other.
The extended authentication exchange within IKE does not replace
the existing IKE authentication.
|
Mode Configuration
|
Also known as ISAKMP Configuration Method
|
Tunnel Encapsulation Modes
|
IPSec over UDP (NAT/PAT)
IPSec over TCP (NAT/PAT)
|
IP compression (IPCOMP) using
LZS
|
Data compression algorithm
|
Copyright ©
2003,
Cisco Systems, Inc.
All rights reserved.