TECHNICAL PRODUCT DESCRIPTION     2/221 02-CRA 119 1170/1-V1 Uen B    

IPsec VPN Overview

© Ericsson AB 2009–2010. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.

Disclaimer

The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.

Trademark List

SmartEdge is a registered trademark of Telefonaktiebolaget LM Ericsson.
NetOp is a trademark of Telefonaktiebolaget LM Ericsson.

Contents

1IPsec VPN Overview
1.1IPsec Services
1.2IPsec Protocols
1.3Security Associations
1.4Key Management and Distribution
1.5Security Association Negotiation
1.6Phase 1 Negotiation Modes
1.7Diffie-Hellman Exchange
1.8Perfect Forward Secrecy
1.9IPsec VPN Implementation Concepts

Glossary

Reference List


1   IPsec VPN Overview

The IP Security (IPsec) Virtual Private Network (VPN) application provided by the security service on the ASE card enables support of IPsec on site-to-site tunnels between two security gateways.

An IPsec VPN session consists of two tasks: setting up the IPsec tunnel and securing the traffic for the duration of the session.

In the tunnel setup portion of the session, IPsec uses Internet Key Exchange (IKE) for two sets of negotiations:

IPsec applies protection to the data packets exchanged between the two parties on the tunnel by using the security parameters that the parties negotiated during Phase 2 of the tunnel setup phase.

1.1   IPsec Services

IPsec secures a VPN by providing several security services:

1.2   IPsec Protocols

IPsec consists of two main protocols: the Authentication Header (AH) protocol supports authentication only, and the Encapsulating Security Payload (ESP) protocol supports both encryption and authentication.

Authentication is a method of verifying the identity of the sender of traffic on the network. Encryption is a method of making the content of a message unreadable to viewers of the message without a special key that decrypts the message.

Each protocol supports two modes of use: transport mode and tunnel mode. In transport mode, AH and ESP provide protection primarily for next layer protocols; in tunnel mode, AH and ESP are applied to tunneled IP packets. Tunnel mode is the only mode supported in this release.

1.2.1   AH

The AH protocol enables you to provide source and content authentication of a packet. AH uses a hashing algorithm that breaks up messages into fixed size blocks and then applies security procedures to them to authenticate them. To authenticate a packet using the Hash-Based Message Authentication Code (HMAC) technique, a secret key is applied along with either a Message Digest 5 (MD5) or Secure Hash Algorithm-1 (SHA-1) function. Both MD5 and SHA-1 are cryptographic hash functions; MD5 produces a 16-byte hash, whereas SHA-1 results in a 20-byte hash value.

1.2.2   ESP

The ESP protocol enables you to provide data confidentiality as well as source and content authentication. ESP in tunnel mode encapsulates the entire IP packet (header and payload) and then adds a new IP header to the front of the encrypted packet. This new IP header contains the destination address needed to route the protected data through the network.

With ESP, you can both encrypt and authenticate. You can also choose to encrypt only or to simply authenticate. For encryption, you can choose one of the following cryptographic algorithms

1.3   Security Associations

Setting up each IPsec tunnel in a VPN using IKE involves an IKE initiator and an IKE responder to negotiate the security parameters that will be used to create a Security Association (SA). An SA defines security parameters for protecting packets exchanged between each side of the connection. Each SA is uniquely identified by a Security Parameter Index (SPI), destination IP address, and security protocol. The security protocol can be either AH or ESP used by the connection. The SPI is a 32-bit value that is assigned by the receiver. An SA also specifies the authentication and encryption algorithms used to secure traffic.

An SA may involve either AH only or ESP only or both.

Two types of SAs are negotiated for an IPsec VPN

1.4   Key Management and Distribution

Key management and distribution is an important part of using VPNs. IPsec supports two key management and distribution methods for SAs: manual and dynamic.

The keys for SAs can be configured in two ways

1.5   Security Association Negotiation

To agree on the IPsec VPN connection parameters for an IPsec tunnel using IKE, a two-phase negotiation process is performed, consisting of Phase 1 (IKE Security Negotiation), and Phase 2 (IPsec Security Negotiation). In Phase 1, two ISAKMP peers establish an ISAKMP SA. In Phase 2, a pair of unidirectional IPsec SAs that provide security to data traffic are negotiated. IKE performs several major tasks in both phases, including negotiating ISAKMP and IPsec SAs, and performing Diffie-Hellman exchanges.

The starting point for dynamic negotiations is a proposal. Each peer provides the other peer one or more proposals that it supports in a policy. An IKE policy contains IKE proposals and an IPsec proposal contains IPsec proposals. A proposal defines authentication and encryption parameters used for negotiations. The negotiations proceed as follows:

To set up the IPsec VPN connection parameters for a manual mode IPsec tunnel, IPsec SAs that provide confidentiality to data traffic are provisioned. Each peer provides the other peer one or more manually configured IPsec SAs that it supports, and the agreed upon IPsec SAs enable the securing of the data traffic in each direction across the IPsec tunnel using a set of matching authentication and encryption settings.

1.6   Phase 1 Negotiation Modes

Phase 1 negotiates the ISAKMP SAs that secure signalling communications.

IKE can operate in one of two modes during Phase 1: Aggressive mode and Main mode. Each has a specific role, advantages, and disadvantages.

1.7   Diffie-Hellman Exchange

A Diffie-Hellman exchange allows parties in a communication session to produce a shared secret key over an unsecured channel. A Diffie-Hellman exchange is configured using a DH group. There are a number of DH groups defined; DH groups 1, 2 and 5 are supported in the current release.

Diffie-Hellman exchange is used in both Phase 1 and Phase 2 negotiations. In Phase 1, each IKE proposal specifies a DH group setting. In Phase 2, an additional DH group is specified when Perfect Forward Secrecy (PFS) is enabled.

1.8   Perfect Forward Secrecy

PFS is a service provided by the IKE protocol to preserve the integrity of keys. PFS ensures that compromise of a single key permits access to only data protected by that key. For PFS to exist, the key used to protect transmission of data is never used to derive any additional keys, or the material used to derive a key is not used to derive additional keys. When PFS is enabled, additional processing to ensure that the material used to derive individual keys is used only once and then deleted.

1.9   IPsec VPN Implementation Concepts

IPsec VPNs are of two types: a site-to-site VPN, which is a permanent connection between two peers in a network, and a remote access VPN, which is a connection between a remote-access client and a VPN gateway to a private network. In the current release of Security Services, only site-to-site VPNs are supported.

Two methods exist for specifying how the traffic on an IPsec VPN is selected for encryption: route-based or policy-based. In a route-based VPN, routing determines which traffic is sent an IPsec tunnel. In a policy-based VPN, Access Control List (ACL) rules are typically used to select the subset of traffic that is forwarded over an IPsec tunnel. In the current release, only route-based traffic selection is supported.

1.9.1   Site-to-Site VPNs

A site-to-site VPN secures traffic on the Internet. It is also used to connect networks, such as those of a remote office and a corporate center. VPN gateways are typically used at each site to secure the traffic. The VPN gateway encapsulates and encrypts outbound traffic and sends it through an IPsec tunnel over the Internet. When the peer VPN gateway receives the data, it removes headers and decrypts the data, sending the packet towards the target host inside its local private network.

For instructions on how to define a site-to-site IPsec VPN, see Reference [1].

1.9.2   Remote Access VPNs

Remote access VPNs connect individual nodes or users to private or corporate networks. An example is a telecommuter who needs to securely access the company’s network over the Internet. In a remote access VPN, all hosts have VPN client software. The host attempts to transmit information and the VPN client software encapsulates and encrypts that traffic before sending it over the Internet to the VPN gateway at the destination network.

Currently, the SmartEdge® OS does not support remote access VPNs.


Glossary

3DES
Triple DES
 
ACL
Access Control List
 
AES
Advanced Encryption Standard
 
AH
Authentication Header
 
DES
Data Encryption Standard
 
ESP
Encapsulating Security Payload
 
HMAC
Hash-Based Message Authentication Code
 
IKE
Internet Key Exchange
 
IPsec
IP Security
 
ISAKMP
Internet Security Association and Key Management Protocol
 
MD5
Message Digest 5
 
PFS
Perfect Forward Secrecy
 
SA
Security Association
 
SHA-1
Secure Hash Algorithm-1
 
SPI
Security Parameter Index
 
VPN
Virtual Private Network

Reference List

[1] IPsec VPN Configuration and Operation Using the SmartEdge OS CLI, 2/1543-CRA 119 1170/1.