Chapter 12
Tunneling and VPNs
RUGGEDCOM ROX II
CLI User Guide
Section 12.8
Managing IPsec Tunnels
IPsec (Internet Protocol SECurity) uses strong cryptography to provide authentication and encryption services.
Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption
prevents unauthorized reading of packet contents.
These services allow secure tunnels to be built through untrusted networks. Everything passing through the
untrusted network is encrypted by the IPsec gateway and decrypted by the gateway at the other end. The result is
a Virtual Private Network (VPN), a network which is effectively private even though it includes machines at several
different sites connected by the insecure Internet.
For more information about IPsec tunnels, refer to Section 12.8.1, “IPsec Tunneling Concepts”.
IMPORTANT!
IPsec is time-sensitive. To ensure proper re-keying between network peers, the time on both peers
must be synchronized. It is strongly recommended that NTP (Network Time Protocol) be used on
both IPsec peers to synchronize their clocks. For more information about configuring NTP, refer to
Section 17.8, “Managing NTP Servers”.
CONTENTS
• Section 12.8.1, “IPsec Tunneling Concepts”
• Section 12.8.2, “Configuring IPsec Tunnels”
• Section 12.8.3, “Configuring Certificates and Keys”
• Section 12.8.4, “Viewing the IPsec Tunnel Status”
• Section 12.8.5, “Managing Pre-Shared Keys”
• Section 12.8.6, “Managing Connections”
• Section 12.8.7, “Managing the Internet Key Exchange (IKE) Protocol”
• Section 12.8.8, “Managing the Encapsulated Security Payload (ESP) Protocol”
• Section 12.8.9, “Configuring the Connection Ends”
• Section 12.8.10, “Managing Private Subnets”
• Section 12.8.11, “Example: Configuring an Encrypted VPN Tunnel”
Section 12.8.1
IPsec Tunneling Concepts
The IPsec suite of protocols was developed by the Internet Engineering Task Force (IETF) and is required as part
of IP version 6. Libreswan is the open source implementation of IPsec used by RUGGEDCOM ROX II.
The protocols used by IPsec are the Encapsulating Security Payload (ESP) and Internet Key Exchange (IKE)
protocols. ESP provides encryption and authentication (ensuring that a message originated from the expected
sender and has not been altered en route). IKE negotiates connection parameters, including keys, for ESP. IKE is