The IPsec feature security protocols use two different modes to protect the entire IP payload or the upper layer protocols:
Transport mode
Tunnel mode
Transport mode IPsec protects the upper layer protocols. In transport mode, IPsec adds an IPsec header between the IP header and upper layer protocol header.
Tunnel mode IPsec protects the whole IP packet. In tunnel mode, IPsec inserts the IPsec header between another IP datagram IP header and inner IP header.
Note
The IPsec implementation on the switch only supports transport mode.