
Thread: IPSec doubt

  1. !30
    Senior Member
    Join Date
    Jul 2006
    Location
    Lost Heaven , Romania
    Posts
    365

    Certifications
    CCNA (+ Net Academy),MCP (70-290 ,70-270,70-291,70-271) | next : 70-272 ( MCDST )
    #1

    IPSec doubt

    I was learning about IPSec and I'm pretty sure that I haven't understood it correctly. I'll write here what I understand, and I ask that experienced users explain to me if I'm wrong, and where I'm wrong.

    I understand that IPSec is a set of protocols (authentication, encryption, filters and a lot more), used for sending secure traffic from one host to another over the network.
    I mean, I believe IPSec is a method / group of protocols meant to provide secure traffic over the network.
    There are some kinds of filters. For example, those filters may say that from computer 1 to computer 2 {when computer 1 telnets to computer 2} telnet traffic should be sent securely, no? And in the filter list there will be this line, meaning computer 1 should transmit secure telnet traffic to computer 2 for some kind of administrative rights. Computer 2 will have a filter line meaning that it should accept secure traffic and {permit secure traffic, telnet traffic from computer 1}.
    IPSec will do some kind of negotiation, for both computers to see what and how, and then send secure encrypted traffic from one to the other; this traffic can be decrypted and encrypted by the IPSec driver on both computers?

    Is my understanding correct? Because I don't want to pass and not really understand some things. Maybe someone experienced could explain IKE or SPI to me.

    Thanks in advance, cheers!

  3. Senior Member
    Join Date
    Jun 2006
    Location
    Tampa Bay
    Posts
    1,266

    Certifications
    MCSA 2000, MCSE 2003, Exchange 2000, CCNA, CCNA Security, CNE, A+, Network+, Security+
    #2
    Start with this: http://www.techexams.net/technotes/s...as.shtml#IPSec

    If you want to go further, study the IPSec section of a 293 study guide.

    For the Security test though, you won't have to go through knowing about setting up IPSec, such as configuring filters and the like. Do know the difference between AH and ESP (I suggest knowing the IP protocols they use respectively), when to configure IPSec in tunneling mode or transport mode, encryptions used, that sort of thing. Nothing terribly deep though.

  4. Senior Member
    Join Date
    May 2004
    Location
    Milwaukee, WI
    Posts
    451

    Certifications
    CCNA CCNA Voice CCNP (+CSPFA, QoS, & CCIE R&S written), MCSA/MCSE on Win2k , Network+, Security+.
    #3

  5. !30
    Senior Member
    Join Date
    Jul 2006
    Location
    Lost Heaven , Romania
    Posts
    365

    Certifications
    CCNA (+ Net Academy),MCP (70-290 ,70-270,70-291,70-271) | next : 70-272 ( MCDST )
    #4
    Thanks for the replies, guys. I read that information, let's say carefully, and I have one more doubt.

    I understand that IPSec is used in transport mode {meaning secure - encrypted - etc.} for traffic between node-to-node LAN devices, and in tunnel mode, meaning secure traffic from router to router / server to server across the public internet, no?
    I mean, tunnels are used by VPNs to create a secure connection over the public internet from a remote office to the main center, no? This is what a tunnel means {like a private tunnel}, but my question is: private IP addresses are routed {re-encapsulated within a new encrypted IP protocol} to be routed over the public internet within tunnels, no? I mean, over a secure connection, when IPSec tunnel mode is in use? Private IP addresses pass over the tunnel? And over the public internet, no? But why does the router forward them and not drop them? Because the entire packet is encrypted? And then encapsulated into a new packet? How does the router know where to forward, over the tunnel, if the entire IP datagram is encrypted...

    Maybe I'm becoming a little paranoid .. but

  6. Senior Member
    Join Date
    Jun 2006
    Location
    Tampa Bay
    Posts
    1,266

    Certifications
    MCSA 2000, MCSE 2003, Exchange 2000, CCNA, CCNA Security, CNE, A+, Network+, Security+
    #5
    IPSec tunnel encapsulates (or authenticates in the case of AH) the header as well as the payload, whereas in transport mode, only the payload is encapsulated/authenticated.

    But go over the links others provided you. They describe all of this, including the headache encountered when trying to run an IPSec tunnel through NAT.
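The forwarding question in post #4 and the tunnel/transport distinction in post #5, worked through as an added example that is not part of the thread: it builds one packet between two private hosts, wraps it with ESP in each mode, and shows what a transit router can still read. The addresses, SPI and key are constructed, the cipher is a toy stand-in for whatever the security association negotiates, and the ESP IV and integrity check value are left out.

```python
import hashlib, socket, struct
ESP, IPIP, TCP = 50, 4, 6  # IP protocol numbers (AH would be 51)

def checksum(hdr):
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte IPv4 header (no options) in front of payload
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                    proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return h[:10] + struct.pack("!H", checksum(h)) + h[12:] + payload

def addrs(pkt):
    return socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])

def toy_cipher(key, data):
    # Stand-in for the negotiated cipher (XOR with a SHA-256 keystream); NOT secure
    ks = b"".join(hashlib.sha256(key + bytes([i])).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def esp(spi, seq, key, data, next_header):
    # Cleartext SPI + sequence, then encrypted [data | pad | pad length | next header]
    pad = -(len(data) + 2) % 4
    trailer = bytes(range(1, pad + 1)) + bytes([pad, next_header])
    return struct.pack("!II", spi, seq) + toy_cipher(key, data + trailer)

def transport_mode(pkt, spi, seq, key):
    # Original addresses stay in the header; only the upper-layer payload is protected
    return ipv4(*addrs(pkt), ESP, esp(spi, seq, key, pkt[20:], pkt[9]))

def tunnel_mode(pkt, gw_src, gw_dst, spi, seq, key):
    # Whole original packet is protected; new outer header carries gateway addresses
    return ipv4(gw_src, gw_dst, ESP, esp(spi, seq, key, pkt, IPIP))

def router_view(pkt):
    # All a transit router can read: outer addresses, protocol, cleartext SPI
    return (*addrs(pkt), pkt[9], int.from_bytes(pkt[20:24], "big"))

def tunnel_decap(pkt, key):
    # Receiving gateway: skip outer header (20) + ESP header (8), decrypt, strip trailer
    clear = toy_cipher(key, pkt[28:])
    return clear[:len(clear) - 2 - clear[-2]], clear[-1]

# Constructed sample: private host to private host, stand-in bytes for a telnet segment
KEY = b"constructed-demo-key"
INNER = ipv4("10.1.1.10", "10.2.2.20", TCP, b"\x04\x00\x00\x17telnet data.")
```

Calling `router_view(tunnel_mode(INNER, "203.0.113.1", "198.51.100.1", 0x1001, 1, KEY))` returns only the two gateway addresses, protocol 50 and the SPI, which is everything a transit router needs to forward the packet. The same call on `transport_mode(INNER, 0x1001, 1, KEY)` still shows the 10.x addresses in the clear.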
