Components of IPSec VPN
•IPSec uses 3 main protocols to create its security framework:
•Internet Key Exchange (IKE)
IKE creates a secure channel / tunnel.
Allows 2 devices to exchange encryption keys and negotiate Security Associations (SAs).
•Encapsulating Security Payload (ESP)
Provides – Integrity, Encryption, Authentication & Anti-replay
More Secure
Uses IP protocol number 50
•Authentication Header (AH)
Provides – Integrity, Authentication & Anti-replay
Less Secure
Uses IP protocol number 51
ESP and AH are the IPSec protocols that provide secure exchange of user data.
Modes Of IPSec VPN
•There are 2 modes in which an IPSec VPN can be implemented:
•End-to-End IPSec VPN Tunnel – Transport Mode.
•Site-to-Site IPSec VPN Tunnel – Tunnel Mode.
IPSec Tunnel Mode VPN
•The original IP packet (IP header & payload) is encapsulated with AH or ESP and an additional IP header.
•The new IP header normally uses a public IP address.
•Used between gateways (Site-to-Site).
•Default mode of IPSec.
IPSec Transport Mode VPN
•Only the data payload is secured by IPSec, i.e. encapsulated with ESP or AH.
•The IP headers are the original IP headers.
•Used for encrypting traffic between 2 hosts or a host & a VPN gateway, i.e. End-to-End IPSec VPN.
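As an added example (not part of the original post), the Python code below builds one packet per case and classifies it from the outer IP header alone: protocol 50 is ESP, protocol 51 is AH, and for AH the cleartext Next Header field tells tunnel mode (an inner IP packet follows) from transport mode. The AH/ESP field layouts and protocol number 4 for IP-in-IP are taken from the AH and ESP RFCs (4302/4303), not from the post; all addresses and SPI values are constructed.

```python
import struct
from ipaddress import IPv4Address

ESP, AH, IPV4_IN_IP = 50, 51, 4   # IP protocol numbers (50/51 as stated above)

def ipv4(src, dst, proto, payload):
    """Build a minimal 20-byte IPv4 header (checksum left 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr + payload

def ah(next_header, spi, seq, payload):
    """AH header: Next Header, Payload Len, Reserved, SPI, Sequence, 12-byte ICV."""
    return struct.pack("!BBHII", next_header, 4, 0, spi, seq) + bytes(12) + payload

def classify(packet):
    """Report what an on-path observer can learn from one IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4          # outer header length in bytes
    proto = packet[9]                     # outer Protocol field
    info = {"src": str(IPv4Address(packet[12:16])),
            "dst": str(IPv4Address(packet[16:20]))}
    body = packet[ihl:]
    if proto == ESP:
        spi, seq = struct.unpack("!II", body[:8])
        # ESP's Next Header sits in the encrypted trailer, so the mode is hidden.
        info.update(protocol="ESP", spi=spi, seq=seq, mode="unknown (encrypted)")
    elif proto == AH:
        nxt, _len, _rsvd, spi, seq = struct.unpack("!BBHII", body[:12])
        mode = "tunnel" if nxt == IPV4_IN_IP else "transport"
        info.update(protocol="AH", spi=spi, seq=seq, mode=mode)
    else:
        info.update(protocol="not IPSec", mode=None)
    return info

# Constructed sample packets (documentation/private addresses, made-up SPIs).
TCP = bytes(20)                                          # stand-in TCP segment
INNER = ipv4("10.1.1.10", "10.2.2.20", 6, TCP)           # original private packet
AH_TRANSPORT = ipv4("10.1.1.10", "10.2.2.20", AH, ah(6, 0x1001, 1, TCP))
AH_TUNNEL = ipv4("192.0.2.1", "198.51.100.1", AH, ah(IPV4_IN_IP, 0x2002, 7, INNER))
ESP_PACKET = ipv4("192.0.2.1", "198.51.100.1", ESP,
                  struct.pack("!II", 0x3003, 42) + bytes(48))  # opaque ciphertext

if __name__ == "__main__":
    for pkt in (AH_TRANSPORT, AH_TUNNEL, ESP_PACKET):
        print(classify(pkt))
```

The sequence number returned for each packet is the counter the receiver uses for the anti-replay check listed under ESP and AH above.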
Thanks for Reading
amartechstuff