Firewall Wizards mailing list archives
Re: Cisco Firewall IOS question
From: Leonard Miyata <leonard () geminisecure com>
Date: Mon, 5 Oct 1998 13:28:04 -0700 (PDT)
Lets See Now... GRE: There is no provision for encryption of GRE packets (check the RFC), however, some protococols that use GRE do support encryption. As an example, Microsoft PPTP (tunneled serial link) uses GRE over IP for packet transport, but the encryption is a part of PPTP not GRE. L2TP: There is no provision for encryption. The current draft assumes that confidentiality will be provided by IPSEC packet encryption. L2F: ??? No doubt that the Cisco box suports IPSEC. With IPSEC enabled, you can secure anything via tunneled IP over IPSEC. Now if we only had a working PKI to solve the key management/distribution problem.... Personal Opinions Provided by Leonard Miyata aka leonard () geminisecure com On Mon, 5 Oct 1998, Chris Hughes wrote:
Cisco claims that its firewall IOS can provide secure data transfer over public lines (such as the Internet) using any of the following protocols: - Generic Routing Encapsulation (GRE) Tunneling - Layer 2 Forwarding (L2F) - Layer 2 Tunneling Protocol (L2TP) - Quality of Service (QoS) controls: prioritize applications and allocate network resources to ensure delivery of mission-critical application traffic Do any of these protocols actually encrypt the data?? Seems to me that the answer is no, but I'm not suire... Also, Cisco claims that their network-layer encryption capability prevents eavesdropping or tampering with data across the network during transmission. Does anyone know what type of encryption they use? Could this be utilized in tandem with the aforementioned protocols to achieve security for VPN over the internet? Comments welcome....
Current thread:
- Cisco Firewall IOS question Chris Hughes (Oct 05)
- Re: Cisco Firewall IOS question Leonard Miyata (Oct 05)
- <Possible follow-ups>
- Re: Cisco Firewall IOS question Ryan Russell (Oct 06)
- RE: Cisco Firewall IOS question James D. Wilson (Oct 07)
- RE: Cisco Firewall IOS question Ryan Russell (Oct 07)
- RE: Cisco Firewall IOS question Eric Vyncke (Oct 09)
- Re: Cisco Firewall IOS question Steve Bellovin (Oct 13)