YML8WVPN
NB8WVPN User Guide
8WVPN
NB8WVPN User Guide
NB8WVPN User Guide
NB8WVPN User Guide
www.netcomm.com.au
1
ADSL2+ VPN Router
9.6 Configuring IPSec/VPN Tunnels
VPN/IPSec Introduction
The VPN Router creates secure communications between sites without the expense of leased site-to-site lines.
A VPN tunnel is a combination of authentication, encryption, tunneling and access control technologies used
to transport traffic over the Internet or any insecure network. IPSec (Internet Protocol Security) is an industry-
standard protocol suite that provides confidentiality, data integrity and authentication at the IP Layer to offer secure
communications across a public network like the Internet.
IPSec Components
IPSec contains the following protocols:
•
Encapsulating Security Payload (ESP): Provides confidentiality, authentication, and integrity.
•
Authentication Header (AH): Provides authentication and integrity.
•
Internet Key Exchange (IKE): Provides key management and Security Association (SA)
Security Association (SA)
An SA provides data protection for unidirectional traffic as defined in the IPSec protocols. An IPSec tunnel typically
consists of two unidirectional SAs, which together provide a protected, full-duplex data channel.
IPSec can be used in tunnel mode or transport mode. Typically, the tunnel mode is used for gateway-to-gateway
IPSec tunnel protection, while transport mode is used for host-host IPSec tunnel protection. A gateway is a device
that monitors and manages incoming and outgoing network traffic and routes the traffic accordingly. A host is a
device that sends and receives network traffic.