| In the modern information world, network has been used more and more widely, even in the home environment. Network has become an important means for people to exchange information. The network information security is very critical for the wide use of network.VPN (Virtual Private Network) is a virtual private local network which can reduce cost through secure channels over the existed public communication channels, such as Internet. VPN implements this using a technology called tunnel. IPSec implements the network security in IP (Internet Protocol) layer. The advantage of which is that IPSec is transparent for the application protocol layers above IP, so the special secure mechanism is not needed. So the advantage is in evidence.ESP and AH mechanisms are provided by the IPSec protocol. ESP provides confidentiality, integrity, authentication and non-repudiation, and AH only provides integrity, authentication and non-repudiation. In IPSec protocol, automatic secure parameters negotiation of the security protocol is implemented by IKE. The parameters negotiated by IKE include the arithmetic of encrypt and authentication, the key used in encrypt and authentication, the protecting pattern of communication (transfers or tunnel pattern) and so on.This paper discuss the advantage of VPN in constructing a security network and analyze the technology of IPSec briefly, implement the two mechanisms of IPSec protocol in IP stack in routers. All the implementation is in the instruction of IETF RFCs. |
PDF Full Text Request