VPN Header
Results 1 to 8 of 8

Thread: VPN Header

  1. #1
    Member
    Join Date
    Oct 2003
    Posts
    32

    VPN Header

    Hi all,

    i have a question, pls answer me.
    i am studying about network and yesterday i am learning about VPN.
    i really wonder about VPN because it's so secure. But i am not understand how Router know VPN header. I mean, in normal, router know the packets where to go becuase it look source and destination address. But in VPN all Packets are encrypted. so how router know that packet should. pls answer me.

    Thankz in adv


    Lovebugz

  2. #2
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Simplified, it comes down to something like this..
    In a normal packet it's like this..


    [lan.header]
    [data]


    The VPN takes that at one end and encrypts it.. [lan.header]+[data]->[enc.data]
    Then a new header is added and it is transmitted..


    [internet.header]
    [enc.data]


    The other side of the VPN takes the encrypted data and recreates the origional packet..
    [enc.data]->[lan.header]+[data]
    And sends it allong..


    [lan.header]
    [data]


    hope that helps..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  3. #3
    Member
    Join Date
    Oct 2003
    Posts
    32
    the_JinX

    Thank you very much for your answer.
    i am a little more clear VPN.
    I am just a beginner in Network.
    i have to study more.

    Lovebugz

  4. #4
    Member
    Join Date
    Jan 2002
    Posts
    82
    i have to study more.

    Well you'll have to get used to it because the more you know about computers the more you realise you know nothing!

  5. #5
    Member
    Join Date
    Oct 2003
    Posts
    32
    Umm... so i should study more than more hE hE.....

    By the way, pls answer me this... How VPN Tunnel negotiate?

    thanks

    Lovebugz

  6. #6
    Senior Member
    Join Date
    Nov 2002
    Posts
    339
    The VPN Client works with a VPN device to create a secure connection, called a tunnel, between your computer and the private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security (IPSec) tunneling protocols to make and manage the secure connection. Some of the steps include:

    Negotiating tunnel parameters: addresses, algorithms, lifetime, etc.
    Establishing tunnels according to the parameters.
    Authenticating users: making sure users are who they say they are, via usernames, group names and passwords, and X.509 digital certificates.
    Establishing user access rights: hours of access, connection time, allowed destinations, allowed protocols, etc.
    Managing security keys for encryption and decryption.
    Authenticating, encrypting, and decrypting data through the tunnel.

    For example, to use a remote PC to read email at your organization, you connect to the Internet, then start the VPN Client and establish a secure connection through the Internet to your organization's private network. When you open your email, the VPN device uses IPSec to encrypt the email message; and it transmits the message through the tunnel to your VPN Client, which decrypts the message so you can read it on your remote PC. If you reply to the email message, the VPN Client uses IPSec to process and return the message to the private network through the VPN device.
    Don\'t be a bitch! Use Slackware.

  7. #7
    Member
    Join Date
    Oct 2003
    Posts
    32
    Thank you, hatebreed2000,

    what is X.509 digital certificates? I don't know this thing.
    could explain me more.


    lovebugz

  8. #8
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    WikiPedia to the rescue

    http://en.wikipedia.org/wiki/X.509

    and more indepth the RFC

    http://www.ietf.org/rfc/rfc3280.txt

    should give you something to read..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •