Design And Implementation Of Improved IPSec VPN System

With the information age of rapid development, Internet is widely used. Internet provides abundant network services, more and more information through the Internet sharing and transmission, how to guarantee the security of information is more important.Internet is a TCP/IP protocol based open packet switching network, while the IP protocol itself does not provide security services, the data on the Internet almost all use plain text mode for transmission, so that the data can easily be third party interception or tampered with, information safety not guaranteed.Among the many network security solutions, IPSec protocol because of its safety, interoperability and flexibility has been used widely, especially in the VPN technology, IPSec is almost become a standard. But it is a relatively complex protocols, and also is not very perfect. So, it is necessary to continue to study and explore IPSec protocol and based on its VPN system.This paper mainly completed the following three aspects:1.The working principle of VPN, key technology, relevant protocol and network security problems to make detailed research and analysis, focusing on the VPN three protocol (SOCKS V5, IPSec, PPTP/L2TP) in terms of safety analysis and comparison.2.Of IPSec protocol and system structure, operation mode and IPSec AH, esp, IKE modules do systematic research and analysis. At the same time on the IPSec protocol modules to cooperate with each other and for IP to provide security protection mechanism for further discussion.3. In a comprehensive analysis of the practical application, the network layer, operation efficiency and other factors, in order to cope with the complexity of IPSec, based on the existing system as the foundation, created a perfect improvement scheme, based on the careful analysis and Research on how to realize the reform scheme, the final success of the existing system is realized. Test system functions, in addition to further research and evaluation of test results.The purpose of this thesis is to security network communication security and in the open in Internet realizes remote network virtual connections between, for the transmission of data to provide integrity, authentication and confidentiality, and as much as possible to improve the transmission efficiency, applied to a variety of access control in.This paper is in the practical environment is realized by using IPSec VPN provides a method, At the same time for how to use IPSec to more effectively ensure the security of VPN communication provides a new train of thought.