cause the private data to be exposed to all the users on the Internet. The VPN (Virtual Private Network) technology is developed and used to establish the private network through the public network, which can guarantee a secured data exchange.
VPN adopts the tunneling technology to establish a private connection between two endpoints. It is a connection secured by encrypting the data and using
Figure 3-61 VPN – Network Topology
As the packets are encapsulated and de-encapsulated in the Router, the tunneling topology implemented by encapsulating packets is transparent to users. The tunneling protocols supported by TL-ER604W contain Layer 3 IPsec and Layer 2 L2TP/PPTP.
3.6.1 IKE
In the IPsec VPN, to ensure a secure communication, the two peers should encapsulate and
Actually IKE is a hybrid protocol based on three underlying security protocols, ISAKMP (Internet Security Association and Key Management Protocol), Oakley Key Determination Protocol, and SKEME Security Key Exchange Protocol. ISAKMP provides a framework for Key Exchange and SA (Security Association) negotiation. Oakley describes a series of key exchange modes. SKEME describes another key exchange mode different from those described by Oakley.
IKE consists of two phases. Phase 1 is used to negotiate the parameters, key exchange algorithm and encryption to establish an ISAKMP SA for securely exchanging more information in Phase 2. During phase 2, the IKE peers use the ISAKMP SA established in Phase 1 to negotiate the parameters for security protocols in IPsec and create IPsec SA to secure the transmission data.
3.6.1.1IKE Policy
On this page you can configure the related parameters for IKE negotiation.
Choose the menu VPN→IKE→IKE Policy to load the following page.