Research And Application For Centralized VPN Tunnel Managment

As the development of Internet, more strict security solution of network is required. As the important participants and users of Internet, corporations, universities and governments choose VPN to be their security solution.VPN technology includes security tunnel technology, user authentication technology, and access control technology and so on. VPN can be supported by security protocols in different network layers such as PPTP on data link layer, IPSec on network layer, SOCKS on session layer etc. Application based on TCP/IP encapsulates data into an IP packet through network layer to transport and provides safe and transparent services for top layers. So we select IPSec protocol to implement VPN.This paper mainly describes that the implement of centralized Virtual Private Network System (VPN) based on IP Security protocol (IPSec). At first the paper simply introduces the conception of centralization. It is not a criterion but an original opinion based on specific analysis of project. Followed by analysis of VPN technology and relevant protocols, especially analysis of popular IPSec protocol system structure, design opinion of project is provided in the paper according to refer to other VPN systems and their function. People devote themselves to explore VPN technology in order to use public networks to connect networks or computers which have some common behalf into a controllable and private network through some same security policy.IPSec protocol is an IETF standard network security protocol to provide transparent security service for IP network communication, to protect IP communication from illegal access to withstand the attack of networks, and provide strong security guarantee for the implement of VPN system. IPSec uses strong password authentication and encryption algorithm to protect integrality and secrecy of IP communication. In Chapter 3 the paper introduces in detail IPSec security system structure, basic principle and constitute, and lays out IPSec processing of input and output packets by the numbers.In order to realize centralized management of VPN, a connector management...