What is IPSec?
- IPsec is a set of extensions to the IP protocol family
- It provides cryptographic security services
IPSec Working principle
IPSec works at layer 3 of the OSI model and provides the following services.
- Replay protection
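Replay protection in IPsec is commonly implemented as a sliding window over per-packet sequence numbers. The sketch below is an added example (not from the original page or from any IPsec implementation), modeled on the anti-replay window described in RFC 4303; the class name, function names and sample traffic are constructed for illustration.

```python
# Added example: anti-replay sliding window in the style of RFC 4303 (32-bit sequence numbers).
# AntiReplayWindow, process and SAMPLE are illustrative names, not a real library's API.

class AntiReplayWindow:
    def __init__(self, size=64):
        self.size = size      # window width in packets
        self.top = 0          # highest authenticated sequence number seen so far
        self.bitmap = 0       # bit i set => sequence number (top - i) already seen

    def check(self, seq):
        """Return True if seq may be accepted; run before the integrity check."""
        if seq == 0:
            return False                          # senders start at 1
        if seq > self.top:
            return True                           # new packet, right of the window
        offset = self.top - seq
        if offset >= self.size:
            return False                          # too old, left of the window
        return not (self.bitmap >> offset) & 1    # in window: reject duplicates

    def update(self, seq):
        """Record seq; call only after the packet's integrity check has passed."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

def process(window, packets):
    """packets: iterable of (seq, icv_ok) pairs. Returns a list of (seq, verdict)."""
    out = []
    for seq, icv_ok in packets:
        if not window.check(seq):
            out.append((seq, "drop-replay"))
        elif not icv_ok:
            out.append((seq, "drop-auth"))   # a forged packet must not move the window
        else:
            window.update(seq)
            out.append((seq, "accept"))
    return out

# Constructed sample traffic: in-order, reordered, duplicated, forged and stale packets.
SAMPLE = [(1, True), (2, True), (5, True), (3, True), (5, True),
          (900, False), (70, True), (4, True), (6, True)]

if __name__ == "__main__":
    for seq, verdict in process(AntiReplayWindow(), SAMPLE):
        print(seq, verdict)
```

The window is advanced only after authentication succeeds, so the forged packet with sequence number 900 cannot push legitimate traffic out of the window.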
How IPSec works?
- The IPSec VPN tunnel can be created between two firewalls, for data transfer and resource sharing between the two networks.
If a resource on the remote network has to be accessed, the local firewall encrypts the request and sends it through the VPN tunnel to the remote firewall, which decrypts the request and permits access to the requested resource.
What is VPN?
VPN stands for virtual private network. It extends a private network across a public network such as the Internet. It lets a computer send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.
A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. A VPN connection across the Internet is similar to a Wide Area Network (WAN) link between sites. From a user perspective, the extended network resources are accessed in the same way as resources available within the private network.
VPNs allow employees to securely access their company's network while traveling outside the office. Similarly, VPNs securely connect geographically separated offices of a company, creating one cohesive network. VPN technology is also used by Internet users to connect to proxy servers for the purpose of protecting personal identity and location.
Types of VPN
VPNs can be classified by:
- the protocols used to tunnel the traffic.
- the tunnel's termination point location, on the customer edge or network-provider edge.
- whether they provide site-to-site or remote-access connectivity.
- the level of security provided.
- the OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity.
VPN Authentication Principle
Tunnel endpoints must be authenticated before secure VPN tunnels can be established. User-created remote-access VPNs may use passwords, biometrics, two-factor authentication or other cryptographic methods. Network-to-network tunnels usually use passwords or digital certificates. They permanently store the key so that the tunnel can be established automatically, without intervention from the user.
IPSec VPN (Virtual Private Network) Configuration & Setup on CentOS/RHEL 7/6/5
Step-I (Run the following command to configure VPN)
Go to device –> select Ipsec (give the nickname VPN1)
Ipsec Connection Type –> Network to Network encryption –> VPN
Ipsec Encryption Mode –> Automatic encryption mode –> select via IKA (racoon)
Step-II (Ipsec Local Area Network)
local network address 192.168.0.10 to 255.255.255.0 local network gateway 192.168.0.254
For Ipsec Remote Area Network
Remote IP Address 220.127.116.11 local network address 192.168.1.10 to 255.255.255.0 local network gateway 192.168.1.254
Step-III (Ipsec key Generate)
Authenticate Key ***** –> Generate
Step-IV (From the client, ping the remote client's private IP)
# ping remote lan ip
Congratulations, you have now configured an IPSec VPN (Virtual Private Network) on CentOS/RHEL 7/6/5.