Technical Overview of IPSec

When troubleshooting IPSec VPNs, you need a good understanding of the underlying mechanisms that establish the IPSec tunnel and transport traffic over it. To that end, a brief discussion of the IPSec architecture is included here.

The IPSec architecture (defined in RFC 2401) provides security services to IP traffic. These security services include integrity, data origin authentication, replay protection, data confidentiality, and limited traffic flow confidentiality.

IPSec components that provide these services include the following:

  • Security protocols

  • Security associations

  • Key management mechanisms

  • Associated authentication and encryption algorithms

The remainder of this section describes the ...
