Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Access for Remote Users Dr John S. Graham ULCC

Published byAshlee Holland Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Access for Remote Users Dr John S. Graham ULCC"— Presentation transcript:

1 Network Access for Remote Users Dr John S. Graham ULCC j.graham@ulcc.ac.uk

2 Review of Technologies Remote Site –Private Leased Lines Kilostream or Megastream Circuits LES –ISDN –EPS9 –ISP Remote User –Private Dialup Service –ISP

3 Site-to-Site Private Infrastructure

4 Traditional Dialup Service  High Costs  Support Burden  Limited to 56K Analogue Dialup  Limited Service Security Guaranteed

5 Virtual Private Network Highly Flexible Solution Uses Existing Infrastructure  Complex Security Issues

6 VPN Roadmap

7 Tunnelling Methods Layer III –GRE –IPSec Layer II –L2F –PPTP –L2TP

8 Layer 3 Tunnelling (GRE) TCPIPDataGREIP GRE TCPIPData passenger protocol encapsulating protocol carrier protocol

9 Tunnelling In Action IPGRETCPIPData Source62.49.38.138 Destination 192.168.17.26194.82.103.186 IPGRE TCPIPData 192.168.17.26

10 Layer 2 Tunnelling (L2TP) TCPIPDataL2TPUDPIPPPP TCPIPDataL2TPUDPIPPPPESP L2TP L2TP + IPSec TCPIPDataPPP

11 Layer 2 Tunnelling Modes Compulsory L2 Tunnelling Voluntary L2 Tunnelling

12 Authentication Peer Identity –Shared Secret –Digital Certificate Data Integrity –Digital Signatures User Identity –Kerberos – RADIUS

13 IP Security (IPSec) Protocols –Authentication Header –Encapsulating Security Payload –Internet Key Exchange Modes –Tunnel –Transport

14 IPSec Protocols Sequence Number Authentication Data SPI Next Header Payload Length Reserved Sequence Number SPI Authentication Data Data Next Header Pad Length Pad IV Authentication Header (51) Encapsulating Security Protocol (50)

15 IPSec Modes Tunnel Mode Transport Mode IPAH/ESPTCPIPDataAH/ESPTCPIPData

16 Equipment at Remote Site ‘Wires Only’ ADSL Connection –One Static IP Address Splitter Cisco 827H Router –Ethernet hub (4 ports) plus ATM port

17 Customer Installation

18 Router Configuration Routing Table NATIPSec Tunnel Dialer A1 A2 B1 B2 B3 Ethernet

19 IPSec Followed by NAT Immutable fields of outer IP header included in AH protocol’s ICV data. Transport mode IPSec renders TCP/UDP checksums invalid. Multiple incompatibilities between SA parameters and NAT. http://www.ietf.org/internet-drafts/draft-ietf-ipsec-nat-reqts-04.txt

20 Fragmentation Hell

21 http://www.ja.net/documents/

Download ppt "Network Access for Remote Users Dr John S. Graham ULCC"

Similar presentations

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.

McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
WAN Technologies Dial-up modem connections Cheap Slow

WAN Technologies Dial-up modem connections Cheap Slow
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.

VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.
1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5.

1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.
K. Salah1 Security Protocols in the Internet IPSec.

K. Salah1 Security Protocols in the Internet IPSec.

Similar presentations

Ads by Google