ICND2 – Chapter 17 – VPN

VPNs (Virtual Private Network) try to provide the same security as leased lines. This includes:

Privacy – prevents anyone on the internet from being able to intercept the packet data
Authentication – Verifies the sender
Integrity – Verifies the data has not changed
Anti-Replay – prevent man-in-the-middle from resending packets to pose as legitimate source

Types of VPNs:

Intranet – Site to Site within an organization
Extranet – Site to Site to another organization
Access – Allows access to corporate network from legitimate users across the internet

IPSec uses dynamic key exchange using IKE (Internet Key Exchange – RFC 4306). IKE uses the Diffie-Hellman process.

IPSec can use AH (Authentication Header) or ESP (Encapsulating Security Payload). ESP Encrpyts. AH does not.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s