Table of Contents

Chap No. Title

Page No.
DECLARATION
RESEARCH COMPLETE CERTIFICATE
FINAL APPROVAL
ACKNOWLEDGEMENT
ABSTRACT
CHAPTER 1: INTRODUCTION
6
1.1 Overview
6
1.2 Objective
6
1.3 Current Implementation
6
CHAPTER 2: TECHNICALBACKGROUND
9
2.1 Technology Used
9
2.2 IPSec Fundamentals
9
2.2.1 Authentication Header
10
2.2.2 AH Modes
10
2.2.3 Integrity Protection Process
11
2.2.4 AH Header
12
2.2.5 How AH Works
13
2.2.6 AH Version 3
14
2.3 Encapsulating Security Payload(ESP)
15
2.3.1 ESP Modes
15
2.3.2 Encryption Process
16
2.3.3 ESP Packet Fields
18
2.3.4 How ESP Works
19
2.3.5 ESP Version 3
20
2.3.6 ESP Summary
21
2.4 Internet Key Exchange
21
2.4.1 Information Exchange
22
2.4.2 Group Exchange
22
2.4.3 IKE Version 2
22
2.4.4 IKE Summary
23
CHAPTER 3: DESIGN AND IMPLEMENTATION
25
3.1 Design and Implementation Approaches
25
3.2 Relevant Configuration Steps
28
3.2.1 Crypto Configuration
28
3.2.2 Ports Configuration
29
3.2.3 Network Configuration
29
 3.3 IPSec VPN Requirements
30
3.3.1 Site-to-Site IPsec VPN
30
3.3.2 Configuration ISAKMP
30
3.4 Configure IPSec
31
3.4.1 Creating Extended ACL
30
3.4.2 Create IPSec Transform
31
3.4.3 Create Crypto Map
32
3.4.4 Apply Crypto Map
32
3.4.5 Bringing up And Verifying The VPN Tunnel
33
CHAPTER 4: WORKS AND ANALYSIS
35
4.1 IPSec VPN
35
4.1.1 How IPSec Works
35
4.2 IPSec Protocols
35
4.2.1 Encapsulating Security Protocol
36
4.2.2 Authentication Header
36
4.3 IPSec Mode
37
4.3.1 Tunnel Mode
37
4.3.2 Transport Mode
38
 4.4 Weaknesses of IPSec
39
CHAPTER 5: CONCLUSION
41
Appendix A: Abbreviations used
42
Appendix B: Output of Site-to-Site IPSec
43
Appendix C: Client-to-site Assigning IP Access
52

List of Figures And Tables

Fig/Table No. Title
Page No.
Figure 2.1: AH Tunnel Mode Packet
10
Figure 2.2: AH Transport Mode Packet
10
Figure 2.3: AH Header
12
Figure 2.4: Sample AH Transport Mode Packet
13
Figure 2.5: AH Header Fields From Sample Packet
14
Figure 2.6: ESP Tunnel Mode Packet
15
Figure 2.7: ESP Transport Mode Packet
16
Figure 2.8: ESP Packet Fields
18
Figure 2.9: ESP Packet Capture
19
Figure 2.10: ESP Header Fields From Sample Packet
20
Figure 3.1: Site-to-Site IPSec VPN
25
Figure 3.2: Client-to-Site Remote Access IPSec VPN
26
Table 3.2.1 Crypto Configuration
27
Table 3.2.2 Ports Configuration
28
Table 3.2.3 Network Configuration
28
Figure 4.1: Encapsulating Security Protocol (ESP)
35
Figure 4.2: Authentication Header (AH)
36
Figure 4.3: IPSec Tunnel Mode
38
Figure 4.4: IPSec Transport Mode
39
Table 4.4.1 Tunnel mode/Transport mode
39
Figure C.1: VPN Client Setup
53