IPSec VPN Design

Chapter 9. Network-Based IPSec VPNs

In previous chapters, you reviewed IPSec VPN fundamentals and design principles in depth. This chapter explores a new type of VPN service known as the network-based VPN.

Fundamentals of Network-Based VPNs

In a customer edge (CE) VPN or CE-based VPN that uses IPSec, all VPN configuration, encapsulation, and decapsulation is performed by the CEs. The provider network that provides connectivity to the CEs is simply providing a transport service to the CEs and is oblivious of the VPN configuration. In a network or provider edge–based VPN, all VPN configuration, encapsulation, and decapsulation is performed at the provider edge (PE); the CEs in this case are oblivious of the VPN configuration. Figure 9-1 shows ...

Get IPSec VPN Design now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

IPSec VPN Design by Vijay Bollapragada, Mohamed Khalid, Scott Wainner

Chapter 9. Network-Based IPSec VPNs

Fundamentals of Network-Based VPNs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly