Which IPsec transport mode encrypts the IP header and the payload?
Which IPsec transport mode encrypts the IP header and the payload?
IPsec tunnel mode encrypts both the IP header and the payload. In this mode, the original IP packet, including its header and payload, is encapsulated by another IP packet, with a new IP header added. This ensures that the original packet is completely protected during transmission.
IPsec is used in tunnel mode or transport mode. Security gateways use tunnel mode because they can provide point-to-point IPsec tunnels. ESP tunnel mode encrypts the entire packet, including the original packet headers.
https://www.cloudflare.com/en-gb/learning/network-layer/what-is-ipsec/ IPsec tunnel mode is used between two dedicated routers, with each router acting as one end of a virtual "tunnel" through a public network. In IPsec tunnel mode, the original IP header containing the final destination of the packet is encrypted, in addition to the packet payload. To tell intermediary routers where to forward the packets, IPsec adds a new IP header. At each end of the tunnel, the routers decrypt the IP headers to deliver the packets to their destinations. In transport mode, the payload of each packet is encrypted, but the original IP header is not. Intermediary routers are thus able to view the final destination of each packet — unless a separate tunneling protocol (such as GRE) is used.
D is correct
D is correct