Your way of explanation is osum to understand. Could you clarify the below query? In MM5, we encrypt the hash + ID I. If I use NAT device then the responder will do the hash matching with the Natted ip only. So hash will fail know. So, please explain
If Both peer IP known and fixed, we can go for Main Mode. But what if remote end ip gets changed by ISP frequently or its not fixed, like HUB-SPOKE. I mean to say we dont know the fixed IP, we can use identity as HOSTNAME/FQDN. and for spoke side ,HUB has fixed ip. But for HUB side, spoke doesn't have fixed ip, its dynamic. we can use aggressive mode site to site.
After going through many videos I must say this is best explained on the internet about IPsec messages. Sir, could you please make one video on quick mode messages as well.
Hi, Thanks for such informative videos. Could you please also advise how the NAT-D is incorporated here? I assume you missed that part inadvertently?
Your way of explanation is osum to understand.
Could you clarify the below query?
In MM5, we encrypt the hash + ID I. If I use NAT device then the responder will do the hash matching with the Natted ip only.
So hash will fail know.
So, please explain
Seriously , man i am eagerly waiting for your video specially aggressive mode !
I hope this has helped you
@@ASAme2 yeah Thanks and keep uploading ..
@@ASAme2 Really it helped me alot !! Can you tell me whn we use UDP PORT 10,000
You have a gift for expressing things clearly. Thank you!
many thanks for the video.... Expectation are high sir...please explain about Ikev2 and Why child SA is generated.
@Sudesh, Thanks for your support
Crystal clear explained
If Both peer IP known and fixed, we can go for Main Mode. But what if remote end ip gets changed by ISP frequently or its not fixed, like HUB-SPOKE. I mean to say we dont know the fixed IP, we can use identity as HOSTNAME/FQDN. and for spoke side ,HUB has fixed ip. But for HUB side, spoke doesn't have fixed ip, its dynamic. we can use aggressive mode site to site.
After going through many videos I must say this is best explained on the internet about IPsec messages.
Sir, could you please make one video on quick mode messages as well.
Sir is the PHASE 2 Same in main and aggressive mode?if not then please upload phase 2 using aggressive mode.....please reply fast.
Phase 2 is same, irrespective of main or aggressive mode. Phase 2 is known as quick mode. So it can either be MM+QM, OR AM+QM.
@@ASAme2 Thank u sir.
Thank you for this video .
Thank you for your support
Pls upload video on Phase II (Quick Mode)
Could you please upload phase2 videos
Thank you so much for the brilliant explanation so far...
Sir, Please make video on quick mode messages as well.
Please also upload quick mode video.