Realization Of VPN Gateway Based On IPsec Protocol On Linux

With the fast increasing access engineering of the government and CAN and WAN application of large enterprise group, research and application of VPN has been carried on thoroughly. VPN is low-cost WAN application which provides safe solution among large enterprises group and some government ,and obtained many successful cases. this paper firstly introduce the concept of VPN and put forward to Classifying VPN into three models and each usage extension by network scale :Dialing VPN, IPsec VPN, MPLS VPN. And then it introduce is the trends that MPLS VPN and IPsec VPN technique combining to replace the traditional special line method gradually. For this reason this paper introduces architecture of Ipsec protocol , and realization of Gateway by using source-opening item free/WAN .At the end ,based on experiments and referred to commercial VPN NetGate software and router with VPN function ,this paper put forward some questions and the ways of solution .For the middle and small business enterprise,it need not pay much expense in construbution special line,we can applicatie VPN gateway, using IPsecVPN technique, insure the a security and compeletion for date carruing the public net. Using special tunneling technique make the date carrying the public net and realization the contrucrion with the different location net using public net provided by communication company.VPN is a the item synthesize the new technique in sexual network, its drive extensive accept to be decided by primarily below 2:00:While ising the project of VPN can proceed to encrypt with the circuit speed, will produce the bottleneck otherwise;Two is to can adjust a different from the data that guide the VPN flows the network ascends of management area.Ipsec VPN is VPN products based on Ipsec protocol,and tunnel security provided by Ipsec protocol。The Ipsec is a kind of being designed by IETF of really carry the mechanism that carry data safety of protecting the communication of IP, support logarithms according to encrypt, insure the complete of the data.The VPN is a many of classificate method, it is divided the VPN into MPLS VPN, IPSEC VPN and dail VPN by its scale size.There is two kinds of method to realize VPN gateway by the Linux.For the kernel veraion 2.2 and 2.4. The way of realization is Free/WAN. This articlw is analysis its working principle of the Free/WAN and discuss the way of realization for the IPsec VPN, the processing and security policy base on Free/WAN. At the last,application the experment analysis its realizing way, realizing processing security policy and through deit process.