-
VPN Header
Hi all,
I have a question, please answer me.
I am studying networking and yesterday I was learning about VPN.
I really wonder about VPN because it's so secure. But I do not understand how the router knows the VPN header. I mean, normally, the router knows where the packets go because it looks at the source and destination address. But in a VPN all packets are encrypted. So how does the router know that packet should. Please answer me.
Thanks in advance
Lovebugz
-
Simplified, it comes down to something like this..
In a normal packet it's like this..
[lan.header]
[data]
The VPN takes that at one end and encrypts it.. [lan.header]+[data]->[enc.data]
Then a new header is added and it is transmitted..
[internet.header]
[enc.data]
The other side of the VPN takes the encrypted data and recreates the original packet..
[enc.data]->[lan.header]+[data]
And sends it along..
[lan.header]
[data]
hope that helps..
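The encapsulation described in the post above, as an added Python example that is not part of the original thread: routers on the path parse only the outer header, while the LAN header travels inside the encrypted payload. Assumptions: the addresses, key and payload are constructed, the cipher is a hash-based stand-in rather than real IPsec encryption, and ESP's own header and integrity check are left out to match the simplified picture.

```python
import hashlib
import socket
import struct

ESP = 50  # IP protocol number for IPsec ESP
FMT = "!BBHHHBBH4s4s"  # ver/ihl, tos, length, id, frag, ttl, proto, csum, src, dst


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack(FMT, 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def parse_ipv4(packet):
    """What a router reads: source, destination and protocol of the first header."""
    f = struct.unpack(FMT, packet[:20])
    return socket.inet_ntoa(f[8]), socket.inet_ntoa(f[9]), f[6]


def keystream_xor(key, data):
    """Stand-in cipher (SHA-256 counter keystream). NOT real IPsec crypto."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encapsulate(inner_packet, key, gw_src, gw_dst):
    """[lan.header]+[data] -> [enc.data], then prepend [internet.header]."""
    enc = keystream_xor(key, inner_packet)
    return ipv4_header(gw_src, gw_dst, ESP, len(enc)) + enc


def decapsulate(outer_packet, key):
    """Strip [internet.header] and decrypt [enc.data] back to the LAN packet."""
    return keystream_xor(key, outer_packet[20:])


# Constructed sample: LAN hosts on private ranges, gateways on documentation ranges.
KEY = b"constructed-demo-key"
DATA = b"hello from the branch office"
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 6, len(DATA)) + DATA
OUTER = encapsulate(INNER, KEY, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print("router sees :", parse_ipv4(OUTER))
    print("after tunnel:", parse_ipv4(decapsulate(OUTER, KEY)))
```
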
-
the_JinX
Thank you very much for your answer.
I am a little clearer on VPN.
I am just a beginner in networking.
I have to study more.
Lovebugz
-
Quote:
I have to study more.
Well you'll have to get used to it because the more you know about computers the more you realise you know nothing! :D
-
Umm... so I should study more and more, hE hE.....
By the way, please answer me this... How does a VPN tunnel negotiate?
Thanks
Lovebugz
-
The VPN Client works with a VPN device to create a secure connection, called a tunnel, between your computer and the private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security (IPSec) tunneling protocols to make and manage the secure connection. Some of the steps include:
Negotiating tunnel parameters: addresses, algorithms, lifetime, etc.
Establishing tunnels according to the parameters.
Authenticating users: making sure users are who they say they are, via usernames, group names and passwords, and X.509 digital certificates.
Establishing user access rights: hours of access, connection time, allowed destinations, allowed protocols, etc.
Managing security keys for encryption and decryption.
Authenticating, encrypting, and decrypting data through the tunnel.
For example, to use a remote PC to read email at your organization, you connect to the Internet, then start the VPN Client and establish a secure connection through the Internet to your organization's private network. When you open your email, the VPN device uses IPSec to encrypt the email message; and it transmits the message through the tunnel to your VPN Client, which decrypts the message so you can read it on your remote PC. If you reply to the email message, the VPN Client uses IPSec to process and return the message to the private network through the VPN device.
-
Thank you, hatebreed2000,
What are X.509 digital certificates? I don't know this thing.
Could you explain more to me?
lovebugz
-
Wikipedia to the rescue ;)
http://en.wikipedia.org/wiki/X.509
and more in depth, the RFC
http://www.ietf.org/rfc/rfc3280.txt
should give you something to read..