Options
IPSec
Hello!
I'm wondering if there is anyone out there who is quite clued up on IPSec and related protocols?
I'm doing a report on VPNs, more specifically site-to-site. I'm comparing them with leased lines. I'm however struggling to understand where IPsec comes in. I understand that leased lines "usually" use the level 2 PPP to establish a connection. I understand that IPSec is a layer 3 suite of protocols. My problem is that i don't understand on what IPsec sits on in the OSI model? e.g. what data link technology is used. When i establish an IPSec connection in tunnel mode between 2 routers is it using the PPP? It surely can't be as IPSec encapsulates the packet so what technology is used at the data link layer?
Sorry if my explanation is confusing... it sums up what is going on in my brain haha.
Thanks a lot,
Richard
I'm wondering if there is anyone out there who is quite clued up on IPSec and related protocols?
I'm doing a report on VPNs, more specifically site-to-site. I'm comparing them with leased lines. I'm however struggling to understand where IPsec comes in. I understand that leased lines "usually" use the level 2 PPP to establish a connection. I understand that IPSec is a layer 3 suite of protocols. My problem is that i don't understand on what IPsec sits on in the OSI model? e.g. what data link technology is used. When i establish an IPSec connection in tunnel mode between 2 routers is it using the PPP? It surely can't be as IPSec encapsulates the packet so what technology is used at the data link layer?
Sorry if my explanation is confusing... it sums up what is going on in my brain haha.
Thanks a lot,
Richard
Comments
-
Options
woody1144
Member Posts: 10 ■□□□□□□□□□
Had a brain wave lol,
IPSec basically encapsulates and encrypts the IP packet before it gets sent to layer 2. PPP just encapsulates the IP packet before getting sent out. Therefore IPSec and PPP are very similar in what there do so they are not used together? They are 2 different forms of encapsulating the IP packet, they just work at different levels?
Thanks,
Richard
-
Options
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
IPSec can be used over any data link including Ethernet, Serial (PPP encapsulation can be used), ATM or any of the other L2 protocols out there. Basically IPSec just adds and additional layer 3 header and encrypts and authenticates (ESP) or just authenticates (AH) the payload (Which is the L3 - L7 headers and the data)The only easy day was yesterday! -
Optionswoody1144
Member Posts: 10 ■□□□□□□□□□
dtlokee wrote:IPSec can be used over any data link including Ethernet, Serial (PPP encapsulation can be used),
Thank you for the help, makes alot more sense to me now, quite simple when you thing about it logically. When you say it can be used on serial, can it be used in tunnel mode without PPP? for example if i create a link between 2 routers using DCE/DTE cables in a lab could i not just use IPSec to create the VPN tunnel or would i need to include PPP encapsulation? or were you refering to when L2TP is used with IPSec?
Thanks a lot,
Richard -
Optionsdtlokee
Member Posts: 2,378 ■■■■□□□□□□
No you would still need a Layer 2 framing protocol like HDLC or PPP across the serial line since it's basically just the L1 connection between the devices.The only easy day was yesterday!