Many companies have multiple remote offices which need secure network connectivity with the headquarters or between them. This can be achieved by using a site-to-site VPN setup, which allows offices in multiple fixed locations to establish secure connections and share resources with each other over a public network such as the Internet.

Cisco ASA supports the IPsec protocol for configuring a site-to-site VPN tunnel. IPsec works by authenticating and encrypting each IP packet of a communication session and uses the Internet Key Exchange (IKE) protocol to negotiate and establish a secure VPN tunnel. The original IKE version 1 is defined in RFC 2409 and IKE version 2 (IKEv2) is defined in RFC 5996. Cisco introduced support for IKEv2 beginning with ASA version 8.4, but in this article we will focus only on the legacy IKEv1 implementation.

The main goal of IPsec is to provide confidentiality, integrity, authentication and antireplay protection.

- Confidentiality – refers to data encryption. This means that the data should be available only to the intended recipient.
- Integrity – ensures that transmitted data is not altered in transit from the sender to the destination. IPsec provides data integrity by using hashing mechanisms.
- Authentication – both VPN peers must prove their identity to each other. This ensures that information originates from a valid source. IPsec provides data authentication through the use of pre-shared keys or digital signatures.