length) are inserted between the original IP
header and ESP header. The total length, protocol, and
checksum fields are changed to match this modification.
Note
NAT keepalives can be used to keep the
dynamic NAT mapping alive during a connection between two
peers. NAT keepalives are UDP packets with an unencrypted
payload of 1 byte. By default, no NAT keepalives are sent.
Mode Configuration Option
Mode configuration is an
option for pushing system parameters (for example, IP address
and DNS attributes) to the peer, which is usually the client in
a remote access VPN. The mode configuration option is used
extensively for Easy VPN. Easy VPN allows remote clients to
receive security policies from a Cisco Easy VPN Server,
minimizing configuration requirements at the client.
Extended Authentication
Xauth is based on the IKE
protocol. Xauth allows authentication, authorization, and
accounting (AAA) methods to perform user authentication in a
separate phase after the IKE authentication Phase 1 exchange.
Xauth does not replace IKE. IKE allows for device
authentication while Xauth allows for user authentication,
which occurs after IKE device authentication. A user
authentication option can be a generic username and password,
Challenge Handshake Authentication Protocol (CHAP), one-time
passwords (OTPs), or Secure Key (S/Key).
3.2 Understanding IPsec Components and IPsec VPN Features
3.2.6 ESP and AH Protocols, Transport, and Tunnel Modes
These two IP protocols are used in the IPsec standard:
- ESP: The ESP header (IP protocol 50) forms the core of the IPsec protocol. This protocol, in conjunction with an agreed-upon encryption method or transform set, protects data by rendering the data undecipherable. This protocol protects only the data portion of the packet. This protocol can optionally also provide for authentication of the protected data.
- AH: The other part of IPsec is formed by the AH protocol (IP protocol 51). The AH does not protect data in the usual sense by hiding the data but by adding a tamper-evident seal to the data. This protocol also protects fields in the IP header carrying the data, including the address fields of the IP header. The AH protocol should not be used alone when data confidentiality is required.
IPsec has two methods of forwarding data across a network, tunnel mode and transport mode, which differ in their application and in the amount of overhead added to the passenger packet:
- Tunnel mode: Tunnel mode works by encapsulating and protecting an entire IP packet. Because tunnel mode encapsulates or hides the IP header of the packet, a new IP header must be added for the packet to be successfully forwarded. The encrypting devices themselves own the IP addresses that are used in this new header. These addresses can be specified in the configuration of Cisco IOS routers. Tunnel mode can be used with either ESP or AH or with both. Tunnel mode results in an additional packet expansion of approximately 20 bytes because of the new IP header.
- Transport mode: Because packet expansion can be a concern during the forwarding of small packets, a second forwarding method is also possible. IPsec transport mode works by inserting the ESP header between the IP header and the next protocol or the Transport layer of the packet. Both IP addresses of the two network nodes whose traffic is being protected by IPsec are visible. This mode of IPsec can sometimes be susceptible to traffic analysis. However, because there is no additional IP header added, the result is less packet expansion. Transport mode can be deployed with either ESP or AH or both. This mode works well with Generic Routing Encapsulation (GRE) because GRE already hides the addresses of the end stations by adding an IP header.
ESP and AH Header
You can achieve AH authentication by applying a keyed one-way hash function to the packet, creating a hash or message digest. The hash is combined with the text and then transmitted. Changes in any part of the packet that occur during transit are detected by the receiver when the receiver performs the same one-way hash function on the received packet and compares the result with the message digest that the sender supplied. The one-way hash also uses a symmetric key shared between the two systems, which is what provides the guarantee of authenticity. ESP provides confidentiality by encrypting the payload. The default algorithm for IPsec is 56-bit DES. Cisco products also support the use of 3DES for stronger encryption. The ESP encryption algorithms by themselves do not provide authentication or guarantee data integrity. ESP encryption with an authentication and data integrity service can be achieved in two ways:
- Authenticated ESP format
- Nested ESP within AH
With authenticated ESP, IPsec encrypts the payload using
one symmetric key, then calculates an authentication value for
the encrypted data using a second symmetric key and the
HMAC-SHA1 or HMAC-MD5 algorithm. The ESP authentication value
is appended to the end of the packet. The recipient computes
its own authentication value for the encrypted data using the
second symmetric key and the same algorithm. The recipient
compares the result with the transmitted authentication value.
If the values match, the recipient then decrypts the encrypted
portion of the packet with the first symmetric key and extracts
the original data. Figure depicts authenticated ESP in both
transport and tunnel modes. An ESP packet can be nested within
an AH packet. First, the payload is encrypted. Next, the
encrypted payload is sent through a hash algorithm: MD5 or
SHA-1. The hash provides origin authentication and data
integrity for the data payload. Figure shows nested ESP in AH
using transport mode.
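Authenticated ESP as described above, and the verify-before-decrypt order that section 3.2.8 explains, worked as an added Python example that is not Cisco course code. The two symmetric keys are the text's first (encryption) and second (authentication) key and HMAC-SHA1-96 is the authentication transform; the encryption is a constructed stand-in keystream (HMAC-SHA256 in counter mode, so the example runs with the standard library alone) and not DES, 3DES or any IPsec transform. Function names, SPI, keys, the inner datagram and the 20-byte outer header are constructed values.

```python
import hashlib
import hmac
import os
import struct

# Constructed example, not Cisco course code. keystream_xor is a stand-in for the
# symmetric cipher (NOT DES/3DES); HMAC-SHA1-96 is the authentication transform.
ICV_LEN = 12
BLOCK = 8   # pad plaintext to the 8-byte boundary a DES-style block cipher needs

def keystream_xor(enc_key: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in encryption/decryption: XOR with an HMAC-SHA256 counter-mode keystream."""
    stream = b"".join(hmac.new(enc_key, iv + struct.pack("!I", ctr), hashlib.sha256).digest()
                      for ctr in range(0, len(data), 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_encapsulate(enc_key: bytes, auth_key: bytes, spi: int, seq: int,
                    inner_datagram: bytes, outer_ip_header: bytes) -> bytes:
    """Tunnel mode: the first key encrypts, the second key authenticates (encrypt-then-MAC)."""
    pad_len = (-(len(inner_datagram) + 2)) % BLOCK
    # ESP trailer: padding bytes 1..n, Pad Length, Next Header (4 = IPv4 inside the tunnel)
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, 4])
    esp_header = struct.pack("!II", spi, seq)
    iv = os.urandom(8)
    ciphertext = keystream_xor(enc_key, iv, inner_datagram + trailer)
    # ICV covers ESP header + IV + ciphertext; the new outer IP header is NOT covered
    icv = hmac.new(auth_key, esp_header + iv + ciphertext, hashlib.sha1).digest()[:ICV_LEN]
    return outer_ip_header + esp_header + iv + ciphertext + icv

def esp_decapsulate(enc_key: bytes, auth_key: bytes, packet: bytes):
    """Receiver: check the ICV first, so a bogus or tampered packet is dropped before
    any decryption work is spent on it; returns the inner datagram or None."""
    esp = packet[20:]                                   # skip the 20-byte outer IP header
    authed, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(auth_key, authed, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None                                     # rejected without decrypting
    iv, ciphertext = authed[8:16], authed[16:]          # authed[:8] is SPI + sequence number
    plain = keystream_xor(enc_key, iv, ciphertext)
    pad_len, next_header = plain[-2], plain[-1]
    if next_header != 4 or pad_len > len(plain) - 2:
        return None
    return plain[:len(plain) - 2 - pad_len]

# Constructed sample values: two independent keys, placeholder outer header, inner datagram.
ENC_KEY, AUTH_KEY = b"constructed-first-key", b"constructed-second-key"
OUTER_IP_HDR = bytes(20)
INNER = b"constructed inner IPv4 datagram"   # 31 bytes -> 7 pad bytes + 2 trailer bytes = 40
```

Flipping a ciphertext byte or using the wrong second key makes esp_decapsulate return None before any decryption, while a change to the outer IP header goes unnoticed, which is the gap AH closes and ESP alone does not.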
3.2 Understanding IPsec Components and IPsec VPN Features
3.2.7 AH Authentication and Integrity
The AH function is applied to the entire datagram, except for any mutable IP header fields that change in transit, such as Time to Live (TTL) fields that are modified by the routers along the transmission path. AH works as follows and as shown in Figure:
Step 1 The IP header and data payload are hashed.
Step 2 The hash is used to build an AH header, which is appended to the original packet.
Step 3 The new packet is transmitted to the IPsec peer router.
Step 4 The peer router hashes the IP header and data payload.
Step 5 The peer router extracts the transmitted hash from the AH header.
Step 6 The peer router compares the two hashes. The hashes must exactly match.
Even if one bit is changed in the transmitted packet, the hash output on the received packet will change and the AH header will not match. AH supports MD5 and SHA-1 algorithms. Figure shows an AH frame format in tunnel mode.
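The six steps above, worked as an added Python example that is constructed here and is not Cisco course material: the sender zeroes the mutable IPv4 fields (TOS, flags and fragment offset, TTL, header checksum) before the keyed hash, so a hop that decrements TTL leaves the ICV valid while a single flipped payload bit or a changed destination address does not. Function names, the key and the sample header are constructed; HMAC-SHA1-96 stands for the SHA-1 option the text names.

```python
import hashlib
import hmac
import struct

# Constructed example, not Cisco course code. HMAC-SHA1-96 = 160-bit HMAC truncated to 12 bytes.
ICV_LEN = 12
AH_LEN = 12 + ICV_LEN   # fixed AH fields (next hdr, payload len, reserved, SPI, seq) + ICV

def zero_mutable_fields(ip_header: bytes) -> bytes:
    """Zero the IPv4 fields routers may rewrite in transit; addresses, length, ID, protocol stay."""
    h = bytearray(ip_header)
    h[1] = 0                 # TOS (DSCP/ECN) may be remarked
    h[6:8] = b"\x00\x00"     # flags + fragment offset
    h[8] = 0                 # TTL is decremented at every hop
    h[10:12] = b"\x00\x00"   # header checksum is recomputed after each TTL change
    return bytes(h)

def ah_icv(key: bytes, ip_header: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    """Keyed hash over the whole datagram; the ICV field itself is hashed as zeros."""
    data = zero_mutable_fields(ip_header) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]

def build_ah_packet(key: bytes, ip_header: bytes, payload: bytes, spi: int, seq: int) -> bytes:
    """Steps 1-2: hash header and payload, insert the AH header (protocol 51) before the payload."""
    hdr = bytearray(ip_header)
    next_header = hdr[9]                                        # original upper-layer protocol
    hdr[2:4] = struct.pack("!H", 20 + AH_LEN + len(payload))    # total length now includes AH
    hdr[9] = 51                                                 # outer protocol becomes AH
    ah_fixed = struct.pack("!BBHII", next_header, AH_LEN // 4 - 2, 0, spi, seq)  # Payload Len = words - 2
    icv = ah_icv(key, bytes(hdr), ah_fixed, payload)
    return bytes(hdr) + ah_fixed + icv + payload

def verify_ah_packet(key: bytes, packet: bytes) -> bool:
    """Steps 4-6: recompute the hash on the received packet and compare with the carried ICV."""
    ip_header, ah_fixed = packet[:20], packet[20:32]
    icv, payload = packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(icv, ah_icv(key, ip_header, ah_fixed, payload))

def forward_one_hop(packet: bytes) -> bytes:
    """What a router does in transit: decrement TTL and rewrite the checksum (constructed value)."""
    p = bytearray(packet)
    p[8] -= 1
    p[10:12] = b"\xab\xcd"
    return bytes(p)

# Constructed sample: IPv4 header 10.0.0.1 -> 10.0.0.2, UDP (17), TTL 64, checksum left at 0.
KEY = b"constructed-ah-key"
IP_HDR = bytes.fromhex("4500 0000 1234 4000 4011 0000 0a000001 0a000002")
PAYLOAD = b"constructed UDP payload"
```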
3.2 Understanding IPsec Components and IPsec VPN Features
3.2.8 ESP Protocol
Between two security gateways, the original
payload is well protected because the entire original IP
datagram is encrypted. An ESP header and trailer are added to
the encrypted payload. With ESP authentication, the encrypted
IP datagram and the ESP header or trailer are included in the
hashing process. Last, a new IP header is appended to the front
of the authenticated payload. The new IP address is used to
route the packet through the Internet. When both ESP
authentication and encryption are selected, encryption is
performed first before authentication. The basis for this order
of processing is to facilitate rapid detection and rejection of
replayed or bogus packets by the receiving node. Prior to
decrypting the packet, the receiver can authenticate inbound
packets. By authenticating packets first, the receiver can
detect problems and potentially reduce the impact of denial of
service (DoS) attacks. Transport mode is the default mode for
IPsec. Transport mode only protects the payload of the packet