
Design and Implementation of Route-based VPN Tunnel on IPSEC VPN for Reliable and Secure Network


Affiliations
1 Department of CSE, CBIT, Hyderabad, India
     



A virtual private network (VPN) provides a means of communicating securely between remote computers across a public wide area network (WAN), such as the Internet. A VPN connection can link two local area networks (LANs) or a remote dial-up user and a LAN. The traffic that flows between these two points passes through shared resources such as routers, switches, and other network equipment that make up the public WAN. To secure VPN communication while it passes through the WAN, the two participants create an IP Security (IPSec) tunnel [1]. An IPSec tunnel can provide the following security functions: privacy (via encryption), content integrity (via data authentication), and sender authentication and, if certificates are used, non-repudiation (via data origin authentication). Juniper SRX security devices support IPSec VPN tunnel formation not only through policies but also by routing traffic to a virtual interface called the st0 interface, which reduces the burden of policy verification. The aim is to configure a separate secure tunnel (st0) logical unit. With route-based VPNs, organizations define the VPN overlay links and then define the static routes that will be used for transport, allowing the route to determine which traffic goes through the VPN. Static route-based VPNs separate the physical network from the abstract VPN network to simplify deployment and management. There are multiple ways to implement a hub-and-spoke VPN topology using the concepts of route-based VPNs.

Keywords

VPN, WAN, LAN, IPSec, SRX, ROUTE, TUNNEL, IP, ISAKMP, IKE


References

  • Rob Cameron, Brad Woodberg, Patricio Giecco, Tim Eberhard, and James Quinn. Junos Security. O'Reilly Publications.
  • Aviva Garrett. Junos Cookbook.
  • Virtual Private Network. en.wikipedia.org/wiki/Virtual_private_network
  • John Mains. VPNs: A Beginner's Guide. McGraw Hill. ISBN: 0072191813.
  • D. Harkins and D. Carrel. Internet Key Exchange (IKE) protocol. RFC 2409.
  • Dave Kosiur. Building and Managing Virtual Private Networks. Wiley & Sons.


Authors

B. Ramadasu
Department of CSE, CBIT, Hyderabad, India
