CSN11111

Network Security

VPN Security Protocols

Topic Title Topic Objective
VPN Overview Describe VPNs and their benefits.
VPN Topologies Compare remote-access and site-to-site VPNs.
Introducing IPsec Describe the IPsec protocol and its basic functions.
IPsec Protocols Compare AH and ESP protocols.
Internet Key Exchange Describe the IKE protocol.
Options Different Layers of Encryption
VPN Technology Options

Application Layer - Separate controls must be established for each

application.

 Transport Layer - Control at this layer can be used to protect the data in a
single communication session between two hosts. The most common use
for transport layer protocols is securing HTTP traffic; the Transport Layer
Security (TLS) protocol is usually used for this.

 Network Layer - Control at this layer can be applied to all applications;

thus, they are not application-specific.

 Data link layer - control are applied to all communications on a specific physical
link. Data link layer controls for dedicated circuits are most often provided
by specialized hardware devices known as data link encryptors.
VPN Overview
Virtual Private Networks

 To secure network traffic between sites and

users, organizations use virtual private
networks (VPNs) to create end-to-end private
network connections.
 A VPN is virtual in that it carries information
within a private network, but that information
is transported over a public network.
 A VPN is private in that the traffic is
encrypted to keep the data confidential while
it is transported across the public network.
 The figure shows a collection of various types
of VPNs managed by an enterprise’s main
site.
 The tunnel enables remote sites and users to
access main site’s network resources securely.
5

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Overview
VPN Benefits

 Modern VPNs now support encryption features, such as Internet Protocol Security
(IPsec) and Secure Sockets Layer (SSL) VPNs to secure network traffic between sites.
 Major benefits of VPNs are shown in the table.
Benefit Description
Cost Savings With the advent of cost-effective, high-bandwidth technologies,
organizations can use VPNs to reduce their connectivity costs while
simultaneously increasing remote connection bandwidth.

Security VPNs provide the highest level of security available, by using

advanced encryption and authentication protocols that protect data
from unauthorized access.
Scalability VPNs allow organizations to use the internet, making it easy to add
new users without adding significant infrastructure.
Compatibility VPNs can be implemented across a wide variety of WAN link options 6

including all the popular broadband technologies. Remote workers

can take advantage of these high-speed connections to gain secure
access to their corporate networks. © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Topologies
Site-to-Site and Remote-Access VPNs
 A site-to-site VPN is created when VPN terminating devices, also called VPN
gateways, are preconfigured with information to establish a secure tunnel. VPN
traffic is only encrypted between these devices. Internal hosts have no knowledge
that a VPN is being used.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Topologies
Site-to-Site and Remote-Access VPNs (Cont.)
 A remote-access VPN is dynamically created to establish a secure
connection between a client and a VPN terminating device. For example,
a remote access SSL VPN is used when you check your banking
information online.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Topologies
Remote-Access VPNs
 Remote-access VPNs are typically enabled dynamically by the user when
required.
 Remote access VPNs can be created using either IPsec or SSL.
 A remote user must initiate a remote access VPN connection.
 The figure displays two ways that a remote user can initiate a remote access
VPN connection: clientless VPN and client-based VPN.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Topologies
Difference between Site-to-Site VPN and Remote Access VPN
Definition Site-to-Site VPN is a type of VPN in Remote Access VPN is a type
which an entire network gets of VPN in which the multiple
connected under a secure shared resources from different
gateway so that the data can be sent locations get connected with a
and received with authentication. single private network using
various VPN client software
and gateways.

Network Setup In Site-to-Site VPN, only the In case of Remote Access VPN,
network of locations gets connected each client needs to set up the
via a secure tunnel and hence there is network which is required to
no need to set up a network for each get connected with the secure
client to access the target network. target network.
The VPN tunnel setup does not have Each remote access user must
to be initiated by every user. initiate the VPN tunnel
configuration.
VPN Topologies
Difference between Site-to-Site VPN and Remote Access VPN

Site-to-Site VPN is Remote Access VPN supports

implemented using IPsec both SSL and IPsec technology.
Implementation
technology only.

Site-to-Site VPN is widely Remote Access VPN is used for

used in Office LAN users of Roaming users who want to
branch offices that need to access resources/servers
Target User
connect to servers located at securely.
the headquarters.

 Remote Access VPNs and Site-to-Site VPNs may sound similar, yet they serve very
different functions.
 The most important point that you should note here is that a Remote Access VPN
connects remote users from any location to a corporate network, whereas a Site-to-Site
VPN connects individual networks with each other to create a shared network
VPN Topologies
SSL VPNs
 SSL uses the public key infrastructure and digital certificates to authenticate peers.

 Both IPsec and SSL VPN technologies offer access to virtually any network
application or resource.

 However, when security is an issue, IPsec is the superior choice.

 If support and ease of deployment are the primary issues, consider SSL.

 The type of VPN method implemented is based on the access requirements of the users
and the organization’s IT processes. The table compares IPsec and SSL remote access
deployments.

12

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPN Topologies
SSL VPNs
Feature IPsec SSL
Applications Extensive - All IP-based Limited - Only web-based
supported applications are supported. applications and file sharing are
supported.
Authentication Strong - Uses two-way Moderate - Using one-way or
strength authentication with shared keys or two-way authentication.
digital certificates.
Encryption Strong - Uses key lengths from 56 Moderate to strong - With key
strength bits to 256 bits. lengths from 40 bits to 256 bits.

Connection Medium - Because it requires a Low - It only requires a web

complexity VPN client pre-installed on a host. browser on a host.

13
Connection Limited - Only specific devices Extensive - Any device with a
option with specific configurations can web browser can connect.
connect. © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
IPsec Technologies

Using the IPsec framework, IPsec provides these

essential security functions:
 Confidentiality - IPsec uses encryption
algorithms to prevent cybercriminals from
reading the packet contents.
 Integrity - IPsec uses hashing algorithms to
ensure that packets have not been altered
between source and destination.
 Origin authentication - IPsec uses the
Internet Key Exchange (IKE) protocol to
authenticate source and destination. Methods
of authentication including using pre-shared
keys (passwords), digital certificates, or RSA
certificates.
 Diffie-Hellman - Secure key exchange
15
typically using various groups of the DH
algorithm.
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
IPsec Technologies (Cont.)

The IPsec security functions are list in the table.

IPsec Function Description

IPsec Protocol The choices for IPsec Protocol include Authentication Header (AH) or Encapsulation
Security Protocol (ESP). AH authenticates the Layer 3 packet. ESP encrypts the Layer 3
packet. Note: ESP+AH is rarely used as this combination will not successfully traverse a
NAT device.
Confidentiality Encryption ensures confidentiality of the Layer 3 packet. Choices include Data
Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES),
or Software-Optimized Encryption Algorithm (SEAL).
Integrity Ensures that data arrives unchanged at the destination using a hash algorithm, such as
message-digest 5 (MD5) or Secure Hash Algorithm (SHA).
Authentication IPsec uses Internet Key Exchange (IKE) to authenticate users and devices that can carry
out communication independently. IKE uses several types of authentication, including
username and password, one-time password, biometrics, pre-shared keys (PSKs), and
digital certificates using the Rivest, Shamir, and Adleman (RSA) algorithm.
16

Diffie-Hellman IPsec uses the DH algorithm to provide a public key exchange method for two peers to
establish a shared secret key. There are several different groups to choose from
including DH14, 15, 16 and DH 19, 20, 21 and 24. DH1, 2 and 5 are no longer
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

recommended.
IPsec Overview
Common VPN Tunnelling Technologies and
Protocols
 Internet Security Protocol (IPSec)
 IPsec was developed by IETF (the Internet Engineering Task Force)
for secure transfer of information at the OSI layer three across a
public unprotected IP network, such as the Internet.
 IPsec enables a system to select and negotiate the
required security protocols, algorithm(s) and secret keys to be
used for the services requested.
 IPsec provides basic authentication, data integrity and
encryption services to protect unauthorised viewing and
modification of data.
 It makes use of two security protocols, AH (Authentication
header) and ESP (Encapsulated Security Payload), for
required services. However, IPsec is limited to only sending IP
packets
IPsec Overview
IPsec Protocol Encapsulation

 Choosing the IPsec protocol encapsulation is

the first building block of the framework.
 IPsec encapsulates packets using
Authentication Header (AH) or Encapsulation
Security Protocol (ESP).
 The choice of AH or ESP establishes which
other building blocks are available.
 AH is appropriate only when confidentiality is
not required or permitted. ESP provides both
confidentiality and authentication.

18

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
Confidentiality

 Confidentiality is achieved by encrypting the

data. The degree of confidentiality depends on
the encryption algorithm and the length of the
key used in the encryption algorithm. The
shorter the key, the easier it is to break.
• DES uses a 56-bit key and should be avoided.
• 3DES uses three 56-bit encryption keys per 64-
bit block.
• AES offers three different key lengths: 128 bits,
192 bits, and 256 bits.
• SEAL is a stream cipher, encrypting data
continuously. It uses a 160-bit key.

19

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
Integrity

 Data integrity means that the data that is

received is exactly the same data that
was sent.
• Message-Digest 5 (MD5) uses a 128-bit
shared-secret key. The variable-length
message and 128-bit shared-secret key
are combined and run through the
HMAC-MD5 hash algorithm producing
a 128-bit hash.
• The Secure Hash Algorithm (SHA) uses
a 160-bit secret key. The variable-length
message and 160-bit shared-secret key
are combined and run through the
HMAC-SHA-1 algorithm producing a
160-bit hash.
20

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
Authentication

 When conducting business long distance,

the device on the other end of the VPN
tunnel must be authenticated before the
communication path is considered
secure.
• A pre-shared secret key (PSK) value is
entered into each peer manually. The
PSK is combined with other information
to form the authentication key.
• Rivest, Shamir, and Adleman (RSA)
authentication uses digital certificates to
authenticate peers.

21

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
Authentication (Cont.)

 IPsec has two ways of authenticating a peer--via a pre-shared key or a certificate. While pre-
shared keys are easier to work with, they are generally considered less secure than a certificate.
 The RSA-encrypted nonces method uses the RSA encryption public key cryptography standard.
 It requires that each party generate a pseudo-random number (a nonce) and encrypt it in the
other party's RSA public key.
 Authentication occurs when each party decrypts the other party's nonce with a local private key
(and other publicly and privately available information) and then uses the decrypted nonce to 22

compute a keyed hash.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Overview
Secure Key Exchange with Diffie-Hellman

 Encryption algorithms require a symmetric,

shared secret key to perform encryption and
decryption.
 How do the encrypting and decrypting devices
get the shared secret key? The easiest key
exchange method is to use a public key
exchange method, such as Diffie-Hellman (DH).
DH provides a way for two peers to establish a
shared secret key that only they know, even
though they are communicating over an insecure
channel.
 Variations of the DH key exchange are specified
as DH groups. The DH group you choose must
be strong enough, or have enough bits, to protect
the IPsec keys during negotiation.
23

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols
IPsec Protocol Overview

 The two main IPsec protocols are Authentication

Header (AH) and Encapsulation Security Protocol
(ESP).
 The IPsec protocol is the first building block of
the framework.
 The choice of AH or ESP establishes which other
building blocks are available.
 AH uses IP protocol 51 and is appropriate only
when confidentiality is not required or permitted.
 It provides data authentication and integrity, but it
does not provide data confidentiality (encryption).
 All text is transported unencrypted.
 ESP uses IP protocol 50 and provides both
confidentiality and authentication.
 Authentication provides data origin authentication
and data integrity. 25

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols
Authentication Header
 IPsec makes use of the AH and ESP protocols to provide security services
AH (Authentication Header) protocol.
 Provides source authentication, and integrity of IP packets, but it does
not have encryption.
 Operates on top of IP using protocol 51
 An AH header added to the IP packet contains a hash of the data,
a sequence number etc., and information that can be used to verify the
sender, ensure data integrity and prevent replay attacks.
IPsec Protocols
Encapsulation Security Protocol
 If ESP is selected as the IPsec protocol, an encryption algorithm must also be selected.
The default algorithm for IPsec is 56-bit DES.
 ESP can also provide integrity and authentication.
 First, the payload is encrypted. Next, the encrypted payload is sent through a hash
algorithm.
 The hash provides authentication and data integrity for the data payload.

 Optionally, ESP can also enforce anti-replay protection which verifies that each packet is
unique and is not duplicated. This protection ensures that a hacker cannot intercept packets
and insert changed packets into the data stream.

 Anti-replay works by keeping track of packet sequence numbers and using a sliding
window on the destination end.

 When a connection is established between a source and destination, their counters are
initialized at zero. Each time a packet is sent, a sequence number is appended to the packet
by the source. The destination uses the sliding window to determine which sequence 27

numbers are expected. The destination verifies that the sequence number of the packet is
not duplicated and is received in the correct order.
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols
Encapsulation Security Protocol
ESP (Encapsulated Security Payload) protocol.
 Provides data confidentiality, in addition to source authentication and
integrity. ESP uses symmetric encryption algorithms, such as 3DES, to
provide data privacy.
 Uses IP protocol 50
 The algorithm needs to be the same on both communicating peers.
 ESP can also support encryption-only or authentication-only
configurations.
IPsec Protocols
ESP Encrypts and Authenticates

 When both authentication and encryption are selected,

encryption is performed first.
 One reason for this order of processing is that it
facilitates rapid detection and rejection of replayed or
bogus packets by the receiving device.
 Prior to decrypting the packet, the receiver can
authenticate inbound packets.

 IPsec was initially established to provide security for

IPv6 packets. Therefore, the IPsec implementations for
IPv4 and IPv6 are similar as far as the standards are
concerned.
 In IPv4, AH and ESP are IP protocol headers. IPv6 uses
the extension headers with a next-header value of 50 for
ESP and 51 for AH.
29

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols
IPsec Protocols
Transport and Tunnel Modes
Each security protocol supports two modes of operation:

 Transport Mode - In transport mode, security

is provided only for the transport layer of the
OSI model and above. Transport mode protects
the payload of the packet but leaves the original
IP address in plaintext. The original IP address
is used to route the packet through the internet.
ESP transport mode is used between hosts.

 Tunnel Mode - Tunnel mode provides security

for the complete original IP packet. The
original IP packet is encrypted and then it is
encapsulated in another IP packet. This is
known as IP-in-IP encryption. The IP address
on the outside IP packet is used to route the
packet through the internet. 31

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IPsec Protocols
Mode of Operation

 Tunnel mode (end-to-end)

 Here the entire packet is protected.

The original IP packet, with original destination address, is inserted into a
new IP packet and the AH and ESP are applied to the new packet.
 The new IP header points to the end point of the tunnel.
 Upon receipt of the packet, the tunnel end point will decrypt the content
and the original packet is further routed to its final destination in the
target network
IPsec Protocols
Modes of Operation
 Transport mode (host-to-host)
Here the AH and ESP headers are applied to the data of the original IP
packet.
 The mode encrypts and / or authenticates the data but not the IP header.
 The overhead added is less than that required in tunnel mode.
 However, the final destination and source addresses could be sniffed.
Attackers can perform traffic analysis based on header information in
this type of header.
It is generally only used for host-to-host connections
IPsec Protocols
Mode of Operation
ESP (Encapsulating Security Payload) Protocol
 Transport mode (host-to-host)
ESP is the more popular choice of the two since it allows you to encrypt IP
traffic. We can use it in transport or tunnel mode, let’s look at both
 When we use transport mode, we use the original IP header and insert an ESP
header. Here’s what it looks like:
 we add an ESP header and trailer. Our transport layer (TCP for example) and
payload will be encrypted. It also offers authentication but unlike AH, it’s not
for the entire IP packet.
IPsec Protocols
Mode of Operation
ESP (Encapsulating Security Payload) Protocol
 Tunnel mode
 How about ESP in tunnel mode? This is where we use a new IP header
which is useful for site-to-site VPNs:
 It’s similar to transport mode but we add a new header. The original IP
header is now also encrypted.
IPsec Protocols
Mode of Operation
Tunnel versus Transport Mode
IP HDR Data

Transport mode
ESP ESP
IP HDR ESP HDR Data Trailer Auth

Encrypted
Authenticated

Tunnel mode
ESP ESP
New IP HDR ESP HDR IP HDR Data Trailer Auth

Encrypted
Authenticated
IPsec Protocols
NAT Traversal and PAT
 Network Address Translation (NAT) involves changes in packet headers to
allow private IP addresses to be translated in to global routable address.

 Port Address Translation (PAT), is an extension to NAT which allows multiple devices
on a local area network (LAN) to be mapped to a single public IP address. The goal of
PAT is to conserve IP addresses.

 Any attempt to perform a NAT / PAT operation on IPsec packets creates issues, because
IPsec authenticates all packets in Tunnel Mode. This means that packets must remain
unaltered for the sake of data integrity. If you need to translate TCP or UDP
communications from hosts on a private network to hosts on a public network and vice
versa, you must use NAT Traversal. If enabled, NAT Traversal inserts a UDP header
with destination port 4500 right before the ESP header. The inserted UDP header can be
translated (modified), while keeping the original IP header intact (illustrated below).
This way, the packet can reach its final destination intact.
NAT Traversal and PAT
Internet Key Exchange

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Internet Key Exchange
The IKE Protocol

 IKE enhances IPsec by adding features and

simplifies configuration for the IPsec
standard.

 IKE is a hybrid protocol that implements key

exchange protocols inside the Internet
Security Association Key Management
Protocol (ISAKMP) framework.

 Instead of transmitting keys directly across a

network, IKE calculates shared keys based on
the exchange of a series of data packets.

 UDP port 500 packets must be permitted on

any IP interface that is connecting a security
gateway peer. 40

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Internet Key Exchange
Phase 1 and 2 Key Negotiation

 IKE uses ISAKMP for phase 1 and phase 2

of key negotiation.
 Phase 1 negotiates a security association (a
key) between two IKE peers.
 The key negotiated in phase 1 enables IKE
peers to communicate securely in phase 2.
 During phase 2 negotiation, IKE
establishes keys (security associations) for
other applications, such as IPsec.
 In Phase 1, two IPsec peers perform the
initial negotiation of SAs.
 The basic purpose of Phase 1 is to negotiate
ISAKMP policy, authenticate the peers,
and set up a secure tunnel between the
peers.
 This tunnel will then be used in Phase 2 to
41
negotiate the IPsec policy.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Internet Key Exchange
Phase 2: Negotiating SAs

 IKE Phase 2 is called quick mode and can only occur after IKE has established a secure
tunnel in Phase 1.
 Quick mode negotiates the IKE Phase 2 SAs.
 In this phase, the SAs that IPsec uses are unidirectional; therefore, a separate key
exchange is required for each data flow.

42

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Internet Key Exchange
 IPsec supports two types of key management over the Internet: automated and
manual
Automated Key Management
IKE (Internet Key Exchange) is the default protocol used in IPsec to
determine and negotiate protocols, algorithms and keys, and to
authenticate the two parties. It is useful for widespread, scalable
deployments and implementations of VPN.

Supports the Network Address Translation (NAT) traversal and provides

more flexibility.

Users authenticate by first signing the data with their digital

signature key.

The other endpoint will then verify the signature.

KE creates an authenticated, secure tunnel between two entities, then

negotiates a security association (SA) between the two entities, and
exchanges key(s).
SA is a set of parameters used by negotiating peers to define the services
and mechanisms for protecting traffic
Internet Key Exchange
Internet Key Exchange
How IPSec Works

1. "Interesting Traffic" initiates the IPSec process. Traffic is

deemed interesting when the IPSec security policy configured in the IPSec peers
starts the IKE process.

2. IKE phase 1. IKE authenticates IPSec peers and negotiates IKE SAs during
this phase, setting up a secure channel for negotiating IPSec SAs in phase 2.

3. IKE phase 2. IKE negotiates IPSec SA parameters and sets up matching IPSec
SAs in the peers.

4. Data transfer. Data is transferred between IPSec peers based on the IPSec
parameters and keys stored in the SA database.

5. IPSec tunnel termination. IPSec SAs terminate through deletion or by timing

out.
Internet Key Exchange
Five Steps of IPSec
Internet Key Exchange
Step 1-Defining Interesting Traffic
 What type of traffic is deemed interesting is determined as part of formulating a
security policy for use of a VPN.
 Traffic is considered interesting when it travels between the peers and meets the
criteria that are defined in an ACL.
 The policy is then implemented in the configuration interface for each particular
IPSec peer.
 The access lists are assigned to a cryptography policy; the policy's permit
statements indicate that the selected traffic must be encrypted, and deny statements
indicate that the selected traffic must be sent unencrypted.
 When interesting traffic is generated or transits the IPSec client, the client initiates
the next step in the process, negotiating an IKE phase 1 exchange.
Internet Key Exchange
Step 2 IKE Phase 1
 The basic purpose of IKE phase 1 is to authenticate the IPSec peers and to set up a
secure channel between the peers to enable IKE exchanges. IKE phase 1 performs the
following functions:

 Authenticates and protects the identities of the IPSec peers

 Negotiates a matching IKE SA policy between peers to protect the IKE exchange

 Performs an authenticated Diffie-Hellman exchange with the end result of having

matching shared secret keys

 Sets up a secure tunnel to negotiate IKE phase 2 parameters

 IKE phase 1 occurs in two modes: main mode and aggressive mode. These modes are
described in the following sections.
Internet Key Exchange
Step 2 - IKE Phase 1

Host A Host B
Router A Router B

IKE Phase 1
10.0.1.3 10.0.2.3

Negotiate the Negotiate the

policy policy

Diffie-Hellman Diffie-Hellman
exchange exchange

Verify the peer Verify the peer

identity identity
Internet Key Exchange
IKE Policy Sets

Host A Host B
Router A Router B

Negotiate IKE Proposals

10.0.1.3 10.0.2.3

Policy 10 Policy 15
DES DES
MD5 MD5
pre-share IKE Policy Sets pre-share
DH1 DH1
lifetime lifetime

Policy 20
3DES
SHA
pre-share
DH1
lifetime

Negotiates matching IKE policy sets to protect IKE exchange

Internet Key Exchange
Diffie-Hellman Key Exchange
The DH group determines the strength of the key that is used in the key
exchange process. The higher group numbers are more secure but take
longer to compute.
Terry Alex
public key B public key A
+ private key A + private key B
shared secret shared secret
key (BA)
Key = Key
key (AB)

Pay to Terry Smith

Pay to Terry Smith $100.00 $100.00
One Hundred and xx/100 Dollars
Encrypt Decrypt One Hundred and xx/100 Dollars

4ehIDx67NMop9eR 4ehIDx67NMop9eR
Internet
U78IOPotVBn45TR U78IOPotVBn45TR
Internet Key Exchange
Authenticate Peer Identity

Remote office
Corporate office

Internet

HR servers

Peer authentication
Peer authentication methods
– Pre-shared keys
– RSA signatures (Rivest-Shamir Adelman Algorithm) -is an asymmetric
algorithm that is commonly used for generating and verifying digital signatures.
– RSA encrypted nonces
Internet Key Exchange
Step 3 - IKE Phase 2
 The purpose of IKE phase 2 is to negotiate IPSec SAs to set up the IPSec tunnel.
IKE phase 2 performs the following functions:
•Negotiates IPSec SA parameters protected by an existing IKE SA
•Establishes IPSec security associations
•Periodically renegotiates IPSec SAs to ensure security
•Optionally performs an additional Diffie-Hellman exchange

Host A Host B
Router A Router B

10.0.1.3 Negotiate IPSec 10.0.2.3

security parameters
Internet Key Exchange
IPSec Transform Sets

Host A Host B
Router A Router B

Negotiate transform sets

10.0.1.3 10.0.2.3

Transform set 30 Transform set 55

ESP ESP
3DES 3DES
SHA IPSec Transform Sets SHA
Tunnel Tunnel
Lifetime Lifetime

Transform set 40
ESP
• A transform set is a combination
DES
MD5
of algorithms and protocols that
Tunnel
Lifetime
enact a security policy for traffic.
Internet Key Exchange
Step 4 - IPSec Session

 After IKE phase 2 is complete and quick mode has established IPSec
SAs, information is exchanged via an IPSec tunnel.
 Packets are encrypted and decrypted using the encryption specified
in the IPSec SA.

Host A Host B
Router A Router B

IPSec session

 SAs are exchanged between peers.

 The negotiated security services are applied to the
traffic.
Internet Key Exchange
Step 5 - Tunnel Termination
Host A Host B
Router A Router B

IPSec tunnel

A tunnel is terminated
By an SA lifetime timeout

If the packet counter is exceededRemoves

IPSec SA

 When the SAs terminate, the keys are also discarded.

 When subsequent IPSec SAs are needed for a flow, IKE performs a new phase 2 and, if
necessary, a new phase 1 negotiation.
 A successful negotiation results in new SAs and new keys.
 New SAs can be established before the existing SAs expire, so that a given flow can
continue uninterrupted.
Internet Key Exchange
IPsec Best Practices

 Use IPsec to provide integrity in addition to encryption.

 Use ESP option
 Use strong encryption algorithms 3DES and AES instead of DES
 Use SHA instead of MD5 as a hashing algorithm
 Reduce the lifetime of the Security Association (SA) by
enabling Perfect Forward Secrecy (PFS)
 Increases processor burden so do this only if data is highly
sensitive
 IPSec Configuration Examples
Site 1 Site 2
RouterA RouterB
Internet
10.0.1.3 10.0.2.3
E0/1 172.30.1.2 E0/1 172.30.2.2
RouterA# show running config RouterB# show running config
crypto ipsec transform-set mine esp-des crypto ipsec transform-set mine esp-des
! !
crypto map mymap 10 ipsec-isakmp crypto map mymap 10 ipsec-isakmp
set peer 172.30.2.2 set peer 172.30.1.2
set transform-set mine set transform-set mine
match address 110 match address 101
! !
interface Ethernet 0/1 interface Ethernet 0/1
ip address 172.30.1.2 255.255.255.0 ip address 172.30.2.2 255.255.255.0
no ip directed-broadcast no ip directed-broadcast
crypto map mymap crypto map mymap
! !
access-list 110 permit tcp 10.0.1.0 access-list 101 permit tcp 10.0.2.0
0.0.0.255 10.0.2.0 0.0.0.255 0.0.0.255 10.0.1.0 0.0.0.255
Test and Verify IPSec
Display your configured IKE policies.
show crypto isakmp policy
Display your configured transform sets.
show crypto ipsec transform set
Display the current state of your IPSec SAs.
show crypto ipsec sa
Display your configured crypto maps.
show crypto map

Enable debug output for IPSec events.

debug crypto ipsec

Enable debug output for ISAKMP events.

debug crypto isakmp
The show crypto isakmp policy Command
Site 1 Site 2
RouterA RouterB
Internet
10.0.1.3 10.0.2.3
router#
show crypto isakmp policy
RouterA# show crypto isakmp policy
Protection suite of priority 110
encryption algorithm: DES - Data Encryption Standard (56 bit keys).
hash algorithm: Message Digest 5
authentication method: Rivest-Shamir-Adleman Encryption
Diffie-Hellman group: #1 (768 bit)
lifetime: 86400 seconds, no volume limit
Default protection suite
encryption algorithm: DES - Data Encryption Standard (56 bit keys).
hash algorithm: Secure Hash Standard
authentication method: Rivest-Shamir-Adleman Signature
Diffie-Hellman group: #1 (768 bit)
lifetime: 86400 seconds, no volume limit
The show crypto ipsec transform-set Command

Site 1 Site 2
RouterA RouterB
Internet
10.0.1.3 10.0.2.3
E0/1 172.30.1.2 E0/1 172.30.2.2

router#
show crypto ipsec transform-set

RouterA# show crypto ipsec transform-set

Transform set mine: { esp-des }
will negotiate = { Tunnel, },
• View the currently defined transform sets.
The show crypto ipsec sa Command
Site 1 Site 2
RouterA RouterB
Internet
10.0.1.3 10.0.2.3
E0/1 172.30.1.2 E0/1 172.30.2.2
router#
show crypto ipsec sa
RouterA# show crypto ipsec sa
interface: Ethernet0/1
Crypto map tag: mymap, local addr. 172.30.1.2
local ident (addr/mask/prot/port): (172.30.1.2/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (172.30.2.2/255.255.255.255/0/0)
current_peer: 172.30.2.2
PERMIT, flags={origin_is_acl,}
#pkts encaps: 21, #pkts encrypt: 21, #pkts digest 0
#pkts decaps: 21, #pkts decrypt: 21, #pkts verify 0
#send errors 0, #recv errors 0
local crypto endpt.: 172.30.1.2, remote crypto endpt.: 172.30.2.2
path mtu 1500, media mtu 1500
current outbound spi: 8AE1C9C
The show crypto map Command

Site 1 Site 2
RouterA RouterB
Internet
10.0.1.3 10.0.2.3
E0/1 172.30.1.2 E0/1 172.30.2.2
router#
show crypto map
• View the currently configured crypto maps.

RouterA# show crypto map

Crypto Map "mymap" 10 ipsec-isakmp
Peer = 172.30.2.2
Extended IP access list 102
access-list 102 permit ip host 172.30.1.2 host
172.30.2.2
Current peer: 172.30.2.2
Security association lifetime: 4608000 kilobytes/3600 seconds
PFS (Y/N): N
Transform sets={ mine, }
debug crypto Commands

router#
debug crypto ipsec

• Displays debug messages about all IPSec actions.

router#
debug crypto isakmp

• Displays debug messages about all ISAKMP actions.

18.6 VPNs Summary

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPNs Summary
What Did I Learn in this Module?

• Organizations use virtual private networks (VPNs) to create end-to-end private

network connections that are transported over a public network.
• VPNs support encryption features, such as IPsec and SSL to secure network traffic
between sites.
• Site-to-site VPNs are created when VPN gateways are preconfigured with
information to establish a secure tunnel.
• Remote access VPNs (clientless and client-based) are used to securely connect
remote and mobile users to the enterprise by creating a secure tunnel.
• IPsec is a framework used to define how a VPN connection will ensure
confidentiality, integrity, and origin authentication.
• When establishing a VPN link, the peers must share the same SA to negotiate key
exchange parameters, establish a shared key, authenticate each other, and negotiate
the encryption parameters.
• The two main IPsec protocols are AH and ESP, which can be applied to IP packets
using transport mode or tunnel mode.

66

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
VPNs Summary
What Did I Learn in this Module? (Cont.)

• The IKE protocol is a key management protocol standard that is used to automatically
negotiate IPsec security associations and enable IPsec secure communications.
• IKE uses ISAKMP for phase 1 and phase 2 of key negotiation. Phase 1 negotiates a security
association (a key) between two IKE peers. During phase 2 negotiation, IKE establishes keys
(security associations) for other applications, such as IPsec.

67

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ANY QUESTIONS ...