Results 1 to 7 of 7

Thread: VPN and IPSEC protocols

  1. #1
    Join Date
    Jul 2010
    Posts
    15

    VPN and IPSEC protocols

    For VPN so play a role in various protocols, including PPTP, L2F and L2TP and IPSEC issues, the first three on the run-level Layer 2 and Layer 3 IPSec I am well aware that the so-called Layer 2 Data Link Layer (link layer) and Layer 3 Network Layer. Can someone please explain why IPSEC is running as a single Layer 3 and why is that and what is the advantage? Hoping that some members will lend a helpful hand for resolving this issue.

  2. #2
    Join Date
    Oct 2008
    Posts
    137

    Re: VPN and IPSEC protocols

    I once had a Linux magazine, in which the different possibilities for VPNs are discussed. Unfortunately I can not find it. The Linux Magazine Special Bulletin 1 / 2004 deals with it and again found for a detailed explanation of IPsec to the Linux 3.5 magazine (which would fit in time anyway). Maybe you can rustle up somewhere (library?). Well, the different possibilities are already clear, but why go to Layer 3 IPSec and which has the advantage that I find nowhere ... IPSec is as the name implies, IP-based. IP can also start starts only from Layer 3. If it is already clear. Layer 2 provides "only" to ensure a valid connection. However, PPTP, L2F, etc but need a protocol used to transmit? Is the reason perhaps that the IP protocol is independent of other protocols and Layer 2 options for a common protocol must be used.

  3. #3
    Join Date
    Oct 2008
    Posts
    161

    Re: VPN and IPSEC protocols

    You should first clear the concept before moving in deep. LAN type can connect to the computer site of a company together. These networks are relatively secure because they are almost always behind a series of firewalls or cut Internet and that the path taken by the data never leaves the company and is known. They may therefore be subject to attacks so-called "man-in-the-middle" to be the subject of another document. On the Internet, we do not know where to go because the data paths are changing. These data can be intercepted or listened to. It is not possible to connect two LANs together via the Internet without using the secure flow of information exchanged. There are two solutions:
    • connecting two sites over a dedicated line but overpriced
    • create a secure virtual private network that is a VPN. It encapsulates data in an encrypted tunnel

  4. #4
    Join Date
    Oct 2008
    Posts
    119

    Re: VPN and IPSEC protocols

    The VPN is based on a tunneling protocol is a protocol for encrypting data by a cryptographic algorithm between the two networks. There are two types of VPN:
    • VPN access allows a user to connect isolated in an internal LAN (eg, business). In this case, it can have its own VPN client to connect directly to the network. Otherwise, he should ask his ISP to provide an access server that will handle the encrypted connection. Only problem, the connection between the user and the remote access server is not encrypted.
    • Intranet or extranet VPN connects two LANs together. In the case of the extranet, it may be, for example, a network of a company and its customers. In both cases, the two networks must be as before the network was in one piece. For example, we can ensure to have a gateway in each network that would connect with each other online in encrypted form and then would transport the data between two networks.

  5. #5
    Join Date
    Feb 2008
    Posts
    130

    Re: VPN and IPSEC protocols

    The VPN is just a concept, not an implementation. It is characterized by the following obligations:
    • authentication of communicating entities: the VPN server must be sure to talk to the true VPN client and vice versa
    • User Authentication: Only good people should be able to connect to the virtual network. It must also be able to keep logs of connections
    • Address Management: All users must have a private address and obtain a new client easily
    • encryption of the tunnel: the data exchanged on the Internet must be properly encrypted between the VPN client and VPN server and vice versa
    • encryption keys must be regenerated often (automatically)
    • VPN support says all protocols to achieve a real tunnel as if there was actually a cable between the two networks.

  6. #6
    Join Date
    Feb 2009
    Posts
    72

    Re: VPN and IPSEC protocols

    IPSec is a Layer 3 protocol suite has the advantage that you can easily send it via existing IP connections. Depending on the mode you mean relatively little configuration effort, and network overhead. Honestly, I know the configuration work for the other protocols, but I was already implementing IPSec on Linux rather tricky. SSH was originally known as secure replacement for telnet, offers the possibility of tunneling TCP connections, thus providing access to safe services on a secure network, without creating a virtual private network in the full sense. However, since version 4.3, OpenSSH software used to create tunnels between two virtual network interfaces at Layer 3 (routing only IP traffic interfaces TUN) or level 2 (all traffic Ethernet interfaces TAP). However, OpenSSH only supports the creation of these tunnels, the management (routing, addressing, bridging, etc. ...), ie the creation of VPN tunnels using these, remaining the responsibility of the user.

  7. #7
    Join Date
    Feb 2009
    Posts
    56

    Re: VPN and IPSEC protocols

    Quarantining connections allows an authenticated user to isolate and inspect its configuration to see if it is safe (if necessary to achieve compliance - patches, antivirus, firewall. ..). Then, and only if it complies, it will have access to the internal network of the company. The addition of the inspection station can significantly reduce the risk of attacks against the VPN. On the walkway Microsoft ISA Server, the technology is called VPN Quarantine (VPN-Q). Automation is achieved through software QSS (Quarantine Security Suite). Microsoft provides the NAP service that allows to do the same thing also on cable networks (switches, ...) and Wi-Fi secure. IPsec is a layer 3 protocol, based on the work of the IETF to transport encrypted data to IP networks.

Similar Threads

  1. What are the description of sub protocols
    By Raulf in forum Networking & Security
    Replies: 5
    Last Post: 15-02-2010, 08:17 AM
  2. What is a IPsec?
    By Custidio in forum Networking & Security
    Replies: 5
    Last Post: 30-12-2009, 08:42 PM
  3. What are various types of the protocols?
    By Julli_gaada in forum Networking & Security
    Replies: 4
    Last Post: 30-11-2009, 12:57 PM
  4. UDP and TCP protocols
    By Xmen in forum Networking & Security
    Replies: 3
    Last Post: 06-10-2009, 12:51 PM
  5. URL protocols
    By Ximen in forum Networking & Security
    Replies: 1
    Last Post: 05-01-2009, 07:30 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,712,349.79840 seconds with 17 queries