Feature Description
In Cisco Cloud Native 5G, the IPSec functionality is available in Tunnel mode both on Session Management Function (SMF) and User Plane Function (UPF). The IPSec crypto-maps are associated under the appropriate interface on respective nodes. The IPSec tunnel is created between each SMF or UPF pair explicitly. This feature supports the IPv4 and IPv6 tunneling mode. There is no change on the N4/Sx service configuration.
The IPSec tunnel mode encapsulates the entire IP packet to provide a virtual secure hop between two gateways. In the VPN form of functionality, the entire IP packets are encapsulated inside another and delivered to the destination. It encapsulates the full IP header and payload.
For more information, refer to the N4/Sx over IPSec chapter.