Figure 58: PPTP Client Configuration
Click
after completing all the fields.
Figure 59: PPTP Client
IPSec VPN Tunnel
Overview
The Internet Security protocol (IPsec) is mainly used to authenticate and encrypt packets of data sent over the network layer. To
accomplish this, it uses two security protocols: ESP (Encapsulating Security Payload) and AH (Authentication Header). The
former provides both authentication and encryption, whereas the latter provides only authentication for the data
packets. Since both authentication and encryption are equally desirable, most implementations use ESP.
IPsec supports two different encryption modes: Tunnel (default) and Transport. Tunnel mode encrypts both the payload and
the header of an IP packet, and is considered to be more secure. Transport mode encrypts only the payload of an IP packet,
and is generally used in gateway or host implementations.
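The difference between the two modes is easiest to see on the wire. The following is an added example, not part of this manual or the device firmware: it wraps one constructed IPv4 packet in ESP in each mode and reports what an on-path observer can still read. The helper names, addresses, keys and SPI are assumptions, and the cipher is a standard-library stand-in for a real ESP cipher such as AES.

```python
import hashlib, hmac, socket, struct

ESP, IPIP = 50, 4  # IP protocol numbers: ESP, IPv4-in-IPv4

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header + payload (checksum left at 0 for brevity)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def stand_in_cipher(key, nonce, data):
    """XOR with a SHA-256 counter keystream. Assumption: a stand-in so the
    example runs on the standard library; it is NOT a real ESP cipher."""
    stream = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_wrap(packet, mode, enc_key, auth_key, spi, seq, gateways=None):
    """Encapsulate an IPv4 packet in ESP using 'transport' or 'tunnel' mode."""
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    if mode == "transport":   # protect only the upper-layer payload
        protected, next_hdr = packet[20:], packet[9]
    else:                     # tunnel: protect the whole original packet
        protected, next_hdr = packet, IPIP
        src, dst = gateways   # new outer header carries the gateway addresses
    pad = bytes(range(1, (-(len(protected) + 2)) % 4 + 1))  # align to 4 bytes
    esp_hdr = struct.pack("!II", spi, seq)                  # SPI + sequence number
    body = stand_in_cipher(enc_key, esp_hdr, protected + pad + bytes([len(pad), next_hdr]))
    icv = hmac.new(auth_key, esp_hdr + body, hashlib.sha256).digest()[:16]
    return ipv4(src, dst, ESP, esp_hdr + body + icv)

def observer_view(wire):
    """Source, destination and protocol readable without the keys."""
    return socket.inet_ntoa(wire[12:16]), socket.inet_ntoa(wire[16:20]), wire[9]

def esp_unwrap(wire, mode, enc_key, auth_key):
    """Verify the ICV first, then decrypt and rebuild the original packet."""
    esp_hdr, body, icv = wire[20:28], wire[28:-16], wire[-16:]
    expected = hmac.new(auth_key, esp_hdr + body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet modified or wrong key")
    plain = stand_in_cipher(enc_key, esp_hdr, body)
    inner, next_hdr = plain[:len(plain) - 2 - plain[-2]], plain[-1]
    if mode == "tunnel":
        return inner
    return ipv4(socket.inet_ntoa(wire[12:16]), socket.inet_ntoa(wire[16:20]), next_hdr, inner)

# Constructed sample: host 10.1.0.5 sends a 19-byte UDP-style payload to 10.2.0.9.
SAMPLE = ipv4("10.1.0.5", "10.2.0.9", 17, b"constructed-payload")
```

In transport mode `observer_view` still returns the two host addresses, while in tunnel mode it returns only the gateway addresses passed in `gateways`, at the cost of 20 extra bytes per packet for the outer header.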
IPsec also involves the IKE (Internet Key Exchange) protocol, which is used to set up Security Associations (SAs). A Security
Association establishes a set of shared security parameters between two network entities to provide secure network layer
communication. These security parameters may include the cryptographic algorithm and mode, the traffic encryption key, and
parameters for the network data to be sent over the connection. Currently, there are two IKE versions available: IKEv1 and
IKEv2. IKE works in two phases:
○ Phase 1: ISAKMP operations will be performed after a secure channel is established between two network entities.
○ Phase 2: Security Associations will be negotiated between two network entities.