Does IPSec work below or above the network(IP) layer? If below then how does a router read the destination IP address which is encrypted inside the IPSec encryption?
IPSec – Which Layer Does IPSec Operate On?
ipsec
Related Topic
- Vpn – Pre-fragmentation for IPsec VPNs on cisco routers
- Vpn – do a pure IPSec VPN (no L2TP) with NAT-T where the server is inside a NAT
- L2TP/IPSEC vs Pure IPSEC – Key Differences Explained
- Why is IKE needed for IPSec VPN
- IPsec Tunnel Mode Without GRE – How It Works
- Cisco ASA – Troubleshooting Traffic Not Sent in IPsec
- Defining Interesting Traffic Using IPSec Profile on Cisco Router – How to Guide
Best Answer
IPSec is above the IP layer, but inside the encrypted IPSec packet, there is the original IP and payload.
IPSec wraps the original packet, encrypts it, adds a new IP header and sends it to the other side of the VPN tunnel.
Now IPSec only protects the data, and uses the original IP header, just changing the protocol field.