IPSEC VPN. Basic Concepts I. General Overview.
Come on guys!! New year and new posts, so let me try to explain to you today what a VPN is and the basics of IPSEC VPNs.
A VPN is a way to connect several devices or users located in separate private sites securely over a public network such as the Internet. To achieve this, the IPSEC suite of protocols creates a tunnel between the separated private sites in order to secure the communication.
That tunnel is basically created to perform the following three tasks:
It provides confidentiality by encrypting the communication, so anybody who intercepts the traffic while it travels through the public network cannot read it.
It provides authentication, so only authorised or well-known peers are able to establish the tunnel.
It provides integrity (tamper-proofing) in order to ensure the data has not been modified in transit.
At this point, it is necessary to know that there are two modes to deploy the IPSEC tunnel:
Transport mode: Encapsulates only the payload, not the IP header.
Tunnel mode: The whole packet is encapsulated and a new IP header is added at the beginning. Then, when the packet reaches the remote site, it is decapsulated and continues with its original IP addressing.
Now, what is IPSEC and how does it work? Well, IPSEC is an IETF standard (defined in a set of RFCs) which combines three protocols:
Internet Key Exchange (IKE). It is responsible for the authentication, the key exchange, and the negotiation of the encryption and integrity (checksum) algorithms.
Authentication Header (AH). It performs authentication but not encryption, so it is not recommended for security reasons.
Encapsulating Security Payload (ESP). It performs the encryption and ensures the data integrity, so it is preferred over AH for security reasons.
In order to understand the last two concepts, let's see the following image:
Now that you have these concepts clear, you may know that the better option (from a security perspective) is to use ESP in tunnel mode.
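To make the two modes and the ESP properties concrete, here is an added example (it is not code from the original post and not a real IPsec implementation). It models an ESP-protected packet in transport mode and in tunnel mode with the Python standard library only: the cipher is a toy keystream built from HMAC-SHA256, standing in for AES, the ESP framing is reduced to the fields needed to show the idea (SPI, sequence number, IV, encrypted payload plus trailer, truncated HMAC ICV), and the IP header builder skips options and checksums. The site and gateway addresses are constructed sample values. Running it shows that tunnel mode hides the inner addresses behind the gateway addresses while transport mode keeps the original header in the clear, that decapsulation restores the original packet, and that a single flipped bit in the protected part is rejected by the integrity check.

```python
# Added example, not from the original post. Toy model of ESP in transport and
# tunnel mode: HMAC-SHA256 keystream stands in for AES, framing is simplified.
import hashlib
import hmac
import os
import socket
import struct

ESP_PROTO = 50      # IP protocol number carried in the outer header for ESP
IPIP_PROTO = 4      # ESP "next header" value for a tunnelled IPv4 packet
ICV_LEN = 16        # truncated HMAC, as HMAC-SHA256-128 does in IPsec


def build_ipv4(src, dst, proto, payload):
    """Minimal IPv4 header (no options, checksum left at 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload


def parse_ipv4(pkt):
    """Return (src, dst, proto, payload) of a packet made by build_ipv4."""
    f = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    return socket.inet_ntoa(f[8]), socket.inet_ntoa(f[9]), f[6], pkt[20:f[2]]


def toy_cipher(key, iv, data):
    """XOR data with an HMAC-SHA256 keystream in counter mode (toy, not AES)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, iv + struct.pack("!I", off // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


def esp_protect(payload, next_header, spi, seq, enc_key, auth_key):
    """ESP: SPI | SEQ | IV | enc(payload | pad | pad_len | next_header) | ICV."""
    iv = os.urandom(8)
    pad_len = (-(len(payload) + 2)) % 4           # align trailer on 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    body = struct.pack("!II", spi, seq) + iv + toy_cipher(enc_key, iv, payload + trailer)
    icv = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    return body + icv


def esp_unprotect(esp, enc_key, auth_key):
    """Verify the ICV first (drop on mismatch), then decrypt and strip the trailer."""
    body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP integrity check failed: packet dropped")
    pt = toy_cipher(enc_key, body[8:16], body[16:])
    pad_len, next_header = pt[-2], pt[-1]
    return pt[:-(pad_len + 2)], next_header


def transport_send(orig, spi, seq, enc_key, auth_key):
    """Transport mode: original IP header stays, only the payload goes into ESP."""
    src, dst, proto, payload = parse_ipv4(orig)
    return build_ipv4(src, dst, ESP_PROTO, esp_protect(payload, proto, spi, seq, enc_key, auth_key))


def transport_receive(pkt, enc_key, auth_key):
    src, dst, _, esp = parse_ipv4(pkt)
    payload, nh = esp_unprotect(esp, enc_key, auth_key)
    return build_ipv4(src, dst, nh, payload)


def tunnel_send(orig, gw_src, gw_dst, spi, seq, enc_key, auth_key):
    """Tunnel mode: the whole original packet is the ESP payload, new outer header."""
    return build_ipv4(gw_src, gw_dst, ESP_PROTO, esp_protect(orig, IPIP_PROTO, spi, seq, enc_key, auth_key))


def tunnel_receive(pkt, enc_key, auth_key):
    _, _, _, esp = parse_ipv4(pkt)
    inner, nh = esp_unprotect(esp, enc_key, auth_key)
    if nh != IPIP_PROTO:
        raise ValueError("unexpected next header in tunnel mode")
    return inner                                  # original addressing restored


def demo():
    enc_key, auth_key = os.urandom(32), os.urandom(32)
    # Constructed inner packet: host in site A talking UDP (17) to host in site B.
    orig = build_ipv4("10.1.0.5", "10.2.0.7", 17, b"hello from site A")
    inner_src = socket.inet_aton("10.1.0.5")

    tr = transport_send(orig, 0x1000, 1, enc_key, auth_key)
    tun = tunnel_send(orig, "203.0.113.1", "198.51.100.1", 0x1000, 1, enc_key, auth_key)

    tampered = bytearray(tun)
    tampered[40] ^= 0x01                          # flip one bit inside the ciphertext
    try:
        tunnel_receive(bytes(tampered), enc_key, auth_key)
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    return {
        "transport_outer": parse_ipv4(tr)[:3],    # original addresses, proto 50
        "tunnel_outer": parse_ipv4(tun)[:3],      # gateway addresses, proto 50
        "transport_restored": transport_receive(tr, enc_key, auth_key) == orig,
        "tunnel_restored": tunnel_receive(tun, enc_key, auth_key) == orig,
        "payload_hidden": b"hello" not in tr and b"hello" not in tun,
        "inner_addr_visible_transport": inner_src in tr,
        "inner_addr_visible_tunnel": inner_src in tun,
        "tamper_detected": tamper_detected,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The order inside esp_unprotect matters: the ICV is checked before anything is decrypted, which is how a real ESP receiver avoids acting on forged or corrupted data. With AH instead of ESP the integrity check would look the same but the payload and, in transport mode, the addresses would travel in the clear, which is why the post prefers ESP.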
If you want more, please click here to see the next post.