Authentication Header (AH) in IPsec
TheAuthentication Header (AH) protocolis part ofIPsecand providesauthentication, integrity, and replay protectionbutdoes NOT provide encryption.
✅B. AH provides data origin authentication.
Ensures thatpackets come from a trusted sourceusing cryptographic signatures.
✅C. AH provides anti-replay protection.
Usessequence numbersto prevent attackers from replaying old packets.
✅D. AH provides data integrity authentication.
Ensuresdata integrityby verifying that packetshave not been tampered withduring transmission.
❌A. AH provides packet encryption – Incorrect!
AH does not encrypt packet contents.It only authenticates headers.
ESP (Encapsulating Security Payload) is used for encryption in IPsec.
Reference from Huawei HCIE-Datacom Documentation:
Huawei IPsec Configuration Guide – AH vs. ESP
HCIE-Datacom Training Material – IPsec Security Mechanisms
