vpn_09
TRANSCRIPT
-
8/7/2019 VPN_09
1/89
1
VPN
Olga Torstensson
IDE
Halmstad University
-
What is a VPN?
A Virtual Private Network (VPN) is defined as network connectivity deployed on a shared infrastructure with the same policies and security as a private network.
-
VPN Taxonomy
Overlay VPNs: service providers provide virtual point-to-point links.
Peer-to-peer VPNs: service providers participate in the customer routing.
-
Virtual Private Networks (VPNs)
-
Why Have VPNs?
-
Tunneling and Encryption
-
Plaintext, Encryption, Ciphertext, and Decryption
[Figure: Party A applies an encryption method and encryption key to the plaintext "Hello", producing the ciphertext 11011101; the ciphertext crosses the network, where an interceptor can observe it; Party B applies the decryption method and decryption key and recovers the plaintext "Hello".]
Note: the interceptor cannot read the ciphertext without the decryption key.
-
Use VPNs with a Variety of Devices
-
VPN Types
Remote Access VPN Solutions
-
Site-to-Site VPN Solutions
-
VPN Types and Applications

Type              | Application              | As Alternative To             | Benefits
Site-to-Site VPN  | Internal connectivity    | Leased line, Frame Relay, ATM | Extend connectivity, increased bandwidth, lower cost
Remote Access VPN | Remote dial connectivity | Dedicated dial, ISDN          | Ubiquitous access, lower cost
Extranet VPN      | External connectivity    | Fax, mail                     | Facilitates e-commerce
-
VPN Requirements Vary By Application
[Figure: a central site reached over the Internet VPN by a remote office (site-to-site), a business partner (extranet), and a POP serving DSL/cable users, mobile users and home telecommuters.]
Site-to-Site VPN:
Extension of classic WAN
Compatibility with diverse network traffic types
Integration with routing
Deployment scalability
Remote Access VPN:
Evolution away from dial
Per-user manageability
Multi-OS (desktop) support
Deployment scalability
-
Tunneling Protocols
-
VPN Protocols
-
Selecting Layer 3 VPN Tunnel Options
-
Identifying VPN and IPSec Terms
Tunnel
Encryption/Decryption
Cryptosystem
Hashing
Authentication
Authorization
Key Management
Certificate Authority (CA) Service
-
Identifying VPN and IPSec Terms
IPSec main protocols are used to provide protection for user data:
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Internet Key Exchange (IKE)
Internet Security Association and Key Management Protocol (ISAKMP)
-
Cryptographic System
Confidentiality
Authentication
Message Integrity
Anti-Replay Protection
[Figure: a client PC with cryptographic system software and a server with cryptographic system software; secure communication is provided automatically.]
-
Cryptosystem Overview
-
Symmetric Encryption
-
Asymmetric Encryption
-
RSA
Rivest, Shamir, Adleman (1977)
patented, royalty-bearing
public key cryptosystem
variable key length (usually 512-2048 bit)
based on the (current) difficulty of factoring very large numbers
-
RSA
each entity has two keys
public key (can be published)
private key (must be kept secret)
it is not feasible to determine the private key from the public key
one key encrypts, the other key decrypts a message
-
RSA
100-1000 times slower than DES
used for two services:
privacy, with encryption (usually of small amounts of data such as session keys)
authentication and non-repudiation, with electronic signing
-
RSA encryption (privacy)
Alice gets Bob's public key
Alice encrypts the message with Bob's public key
Bob decrypts the message using his private key
[Figure: Alice encrypts the clear message with Bob's public key (Pub); the encrypted message travels to Bob, who decrypts it with his private key (Pri).]
-
RSA signatures (authentication)
Alice encrypts the message with her private key
Bob gets Alice's public key
Bob decrypts the message using Alice's public key
[Figure: Alice encrypts the clear message with her private key (Pri); Bob decrypts the encrypted message with Alice's public key (Pub) and recovers the clear message.]
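Both RSA services from the two slides above (privacy: encrypt with the recipient's public key; authentication: sign with the sender's private key), as an added example that is not part of the original slides. It is textbook RSA on constructed toy primes with no padding, so it illustrates the key roles only; the key pairs for Alice and Bob are assumptions.

```python
from math import gcd

# Textbook RSA as the slides describe it: one key of the pair encrypts and
# the other decrypts. Primes this small are for illustration only; real
# keys use primes hundreds of digits long plus padding (OAEP / PSS),
# which this demo deliberately omits.

def keygen(p, q, e):
    """Return (public, private) keys: public = (n, e), private = (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)            # size of the multiplicative group mod n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)

def encrypt(m, public):
    """Privacy: encrypt with the RECIPIENT's public key (m must be < n)."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than n")
    return pow(m, e, n)

def decrypt(c, private):
    """Only the holder of the matching private key recovers m."""
    n, d = private
    return pow(c, d, n)

def sign(m, private):
    """Authentication: 'encrypt' with the SENDER's private key."""
    n, d = private
    return pow(m, d, n)

def verify(m, sig, public):
    """Anyone with the sender's public key can check the signature."""
    n, e = public
    return pow(sig, e, n) == m

# Constructed key pairs for Alice and Bob (assumptions, not from the slides).
ALICE_PUB, ALICE_PRIV = keygen(61, 53, 17)      # n = 3233
BOB_PUB, BOB_PRIV = keygen(101, 113, 3)         # n = 11413

def demo(m=65):
    """Round trip of both services for a small integer message m."""
    c = encrypt(m, BOB_PUB)                      # Alice -> Bob: privacy
    s = sign(m, ALICE_PRIV)                      # Alice signs, Bob verifies
    return decrypt(c, BOB_PRIV) == m and verify(m, s, ALICE_PUB)
```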
-
Key Exchange: Diffie-Hellman Algorithm
-
The Diffie-Hellman algorithm
algorithm for secure key exchange over insecure channels
based on the difficulty of finding discrete logarithms
used to establish a shared secret between parties (usually the key for symmetric encryption or HMACs)
-
Modular Exponentiation
Generator, g
Modulus (prime), p
Y = g^X mod p
Example: Y = 2^237276162930753723 mod 79927397984597926572651
Both g and p are shared and well-known
-
Diffie-Hellman Key Exchange
Alice: private value X_A, public value Y_A = g^X_A mod p
Bob: private value X_B, public value Y_B = g^X_B mod p
Alice sends Y_A to Bob; Bob sends Y_B to Alice
Shared secret: Y_B^X_A mod p = g^(X_A * X_B) mod p = Y_A^X_B mod p
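The exchange above in code, as an added example that is not part of the original slides. It keeps the slides' notation (g, p, X_A, X_B, Y_A, Y_B) and adds the check a receiver should perform on the peer's public value; the toy group p = 23, g = 5 is an assumption chosen so the numbers can be followed by hand.

```python
import secrets

# Diffie-Hellman in the slides' notation: g and p are public, X_A and X_B
# private, Y = g^X mod p is sent in the clear, and both sides derive
# g^(X_A*X_B) mod p. Toy group (constructed for the demo): p = 23, g = 5.
# Real deployments use 2048-bit or larger groups (IKE group 14 and up) or
# elliptic curves; the arithmetic is identical.
P, G = 23, 5

def new_private(p=P):
    """Random private value X in [1, p-2]; it never leaves the host."""
    return 1 + secrets.randbelow(p - 2)

def public_value(x, g=G, p=P):
    """Y = g^X mod p: cheap to compute, hard to invert (discrete log)."""
    return pow(g, x, p)

def is_valid_peer_value(y, p=P):
    """Reject 0, 1 and p-1: those force the shared secret to a trivial value."""
    return 1 < y < p - 1

def shared_secret(y_peer, x_own, p=P):
    """Y_peer^X_own mod p; equals g^(X_A*X_B) mod p on both sides."""
    if not is_valid_peer_value(y_peer, p):
        raise ValueError("invalid Diffie-Hellman public value from peer")
    return pow(y_peer, x_own, p)

def exchange(x_a, x_b, g=G, p=P):
    """One exchange. Returns (Y_A, Y_B, secret at Alice, secret at Bob).
    An eavesdropper on the channel sees only g, p, Y_A and Y_B."""
    y_a = public_value(x_a, g, p)      # Alice -> Bob
    y_b = public_value(x_b, g, p)      # Bob -> Alice
    return y_a, y_b, shared_secret(y_b, x_a, p), shared_secret(y_a, x_b, p)
```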
-
Hashing
Hashing is a one-way function. It cannot be reversed: from the hash, you cannot compute the original message.
Hashing is repeatable: if two parties apply the same hashing method to the same bit string, they will get the same hash.
-
Hashing
-
Encryption Versus Hashing

                 | Encryption                                                 | Hashing
Use of key       | Uses a key as an input to an encryption method             | Key is usually added to the text; the two are combined, and the combination is hashed
Length of result | Output is similar in length to the input                   | Output is of a fixed short length, regardless of input
Reversibility    | Reversible; ciphertext can be decrypted back to plaintext  | One-way function; the hash cannot be de-hashed back to the original string
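The "Hashing" column of the table, demonstrated the way IPsec uses keyed hashing for its integrity check value (ICV): HMAC-MD5-96 and HMAC-SHA1-96 keep the leftmost 96 bits of the HMAC. This is an added example, not code from the slides; the key and payload are constructed.

```python
import hashlib
import hmac

# Keyed hashing as used for the AH/ESP integrity check value (ICV):
# the key and the text are combined per HMAC and hashed, and the
# HMAC-*-96 transforms keep only the leftmost 12 bytes of the result.
ICV_LEN = 12

def icv(key, data, algo="sha1"):
    """96-bit truncated HMAC over data, as HMAC-SHA1-96 / HMAC-MD5-96 do."""
    return hmac.new(key, data, algo).digest()[:ICV_LEN]

def verify_icv(key, data, tag, algo="sha1"):
    """Recompute the ICV and compare in constant time (no early-exit leaks)."""
    return hmac.compare_digest(icv(key, data, algo), tag)

def digest_lengths(inputs, algo="sha1"):
    """Map input length -> digest length: fixed output size regardless of input."""
    return {len(m): len(hashlib.new(algo, m).digest()) for m in inputs}

# Constructed sample (not from the slides): a 20-byte key and a pretend
# protected payload whose first byte looks like an IPv4 header byte.
KEY = bytes(range(20))
PAYLOAD = b"\x45\x00" + b"GRE-over-IPsec payload, constructed for the demo"

def tamper_detected(key=KEY, data=PAYLOAD):
    """Flip one bit in transit: the receiver's ICV check must fail."""
    tag = icv(key, data)
    altered = bytes([data[0] ^ 0x01]) + data[1:]
    return verify_icv(key, data, tag) and not verify_icv(key, altered, tag)
```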
-
Tunnel Versus Transport Mode
-
IPsec Operation: Tunnel and Transport Modes
[Figure, transport mode: a secure connection runs end to end between hosts in two site networks; it is secure on the Internet and also inside each site network; extra software is required on the hosts at both ends.]
-
IPsec Operation: Tunnel and Transport Modes
[Figure, tunnel mode: a tunneled connection runs between an IPsec server at each site; it is secure on the Internet, but there is no security inside either site network; no extra software is required on the hosts.]
-
IPsec Operation: Tunnel and Transport Modes
Transport mode: Orig. IP Hdr | IPsec Hdr | Protected Packet Data Field
The destination IP address is the actual host address, so the host is vulnerable to scanning.
Tunnel mode: New IP Hdr | IPsec Hdr | Protected Original Packet
The destination IP address is the IPsec gateway address; the host IP address is not revealed.
-
IPsec ESP and AH Protection
Encapsulating Security Payload (ESP), protocol = 50: IP Header | ESP Header | Protected | ESP Trailer
Provides confidentiality, authentication and message integrity.
Authentication Header (AH), protocol = 51: IP Header | Authentication Header | Protected
Provides authentication and message integrity; no confidentiality.
-
IPSec Security Protocols
-
Modes and Protections

Protocol | Protections                                | Tunnel Mode (IPsec Gateway to Gateway) | Transport Mode (End-to-End)
AH       | Authentication, Integrity                  | Possible                               | Possible
ESP      | Confidentiality, Authentication, Integrity | Possible                               | Possible
-
IPSEC Concepts
Peers
Transform sets
Security Associations
Transport and Tunnel modes
Authentication Header (AH) & Encapsulating Security Payload (ESP)
-
Peer Authentication
Peer authentication methods:
Pre-shared keys
RSA signatures
[Figure: peer authentication between a remote office and the corporate office (HR servers) across the Internet.]
Peers
A peer of an IPSEC device is another device participating in IPSEC. A peer can be a router, firewall, server or some remote PC with IPSEC support.
Peering between two IPSEC devices is usually a point-to-point relationship.
-
Transform Sets
A transform set is a list of IPsec protocols and cryptographic algorithms that a peer can accept. Because IPsec allows for the use of different protocols and algorithms, a peer needs to declare and negotiate with other peers what it can support.
Peers communicate the protocols and algorithms they support by exchanging transform sets. For two peers to communicate successfully, they must share a common transform set, otherwise peering fails.
-
A Transform Set
An IPsec security protocol: AH or ESP or both
An integrity/authentication algorithm, i.e. MD5 HMAC or SHA-1 HMAC
An encryption algorithm: DES, 3DES. A null encryption algorithm is also supported.
-
Security Association
A Security Association (SA) is a logical connection that provides protection for data flowing from one peer to another by using a transform set.
Security associations are like logical tunnels between peers.
Traffic entering an SA is protected and transported to the other side.
-
IPsec Security Associations
[Figure: an IPsec policy server supplies Party A and Party B with their policy.]
1. Each party holds a list of allowable security associations.
2. Security Association (SA) for transmissions from A to B.
3. Security Association (SA) for transmissions from B to A (can be different than the A-to-B SA).
-
Security Association
-
Establishing IPsec SecurityAssociations Using IKE
[Figure: Party A and Party B first establish an Internet Key Exchange security association over UDP port 500, then the IPsec SAs.]
First establish the IKE association and protected session.
Then create the IPsec SAs within the protection of the IKE session.
-
8/7/2019 VPN_09
49/89
-
8/7/2019 VPN_09
50/89
-
8/7/2019 VPN_09
51/89
51
Determine IKE (IKE Phase 1) Policy
Determine the following policy details:
Key distribution method
Authentication method
IPSec peer IP addresses and hostnames
IKE phase 1 policies for all peers
Encryption algorithm
Hash algorithm
IKE SA lifetime
Goal: Minimize misconfiguration
-
IKE Phase 1 Policy Parameters
-
Determine IPSec (IKE Phase 2) Policy
Determine the following policy details:
IPSec algorithms and parameters for optimal security and performance
Transforms and, if necessary, transform sets
IPSec peer details
IP address and applications of hosts to be protected
Manual or IKE-initiated SAs
Goal: Minimize misconfiguration
-
IPSec Transforms Supported in Cisco IOS Software
-
Authentication Header
-
Encapsulating Security Payload
-
IPSec Policy Example
-
Identify IPSec Peers
-
Check Current Configuration
-
Ensure the Network Works
-
Ensure ACLs are Compatible with IPSec
-
Task 2: Configure IKE
Step 1: Enable or disable IKE. crypto isakmp enable
Step 2: Create IKE policies. crypto isakmp policy
Step 3: Configure the ISAKMP identity. crypto isakmp identity
Step 4: Configure pre-shared keys. crypto isakmp key
Step 5: Verify the IKE configuration. show crypto isakmp policy
-
Enable IKE
-
Create IKE policies
-
Create IKE Policies with thecrypto isakmp Command
-
IKE Policy Negotiation
-
Configure Pre-shared Keys
-
Verify IKE Configuration
-
Task 3: Configure IPSec
Step 1: Configure transform set suites. crypto ipsec transform-set
Step 2: Configure global IPSec SA lifetimes. crypto ipsec security-association lifetime
Step 3: Create crypto ACLs using extended access lists.
Step 4: Configure IPSec crypto maps. crypto map
Step 5: Apply crypto maps to interfaces. crypto map map-name
-
Configure Transform Set Suites
-
Transform Set Negotiation
-
Configure Global IPSec Security Association Lifetimes
-
Configure Global IPSec Security Association Lifetimes
-
Purpose of Crypto ACLs
-
Create Crypto ACLs Using Extended Access Lists
-
Create Crypto ACLs Using Extended Access Lists
-
Configure Symmetrical Peer Crypto ACLs
-
Purpose of Crypto Maps
Crypto maps pull together the various parts configured for IPSec, including:
The traffic to be protected by IPSec and a set of SAs
The local address to be used for the IPSec traffic
The destination location of IPSec-protected traffic
The IPSec type to be applied to this traffic
The method of establishing SAs, either manually or by using RSA
Other parameters needed to define an IPSec SA
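A pre-deployment check for three of the pieces a crypto map pulls together, covering the "Transform Set Negotiation" and "Configure Symmetrical Peer Crypto ACLs" slides as well: that the two peers share a transform set (negotiation is modelled here as the first of A's proposals, in order, that B also lists) and that B's crypto ACL is the mirror image of A's. This is an added example, not code from the slides or from Cisco; the two peer configurations are constructed from the IOS command families the slides list, and the peer addresses are documentation-range placeholders.

```python
import re

# Constructed sample configs for two IPsec peers (assumptions, not from the
# slides), built from the IOS commands the slides list. Peer A offers a
# strong set first and a legacy DES/3DES-era set second; peer B only has the legacy one.
PEER_A = """
crypto ipsec transform-set STRONG esp-aes 256 esp-sha-hmac
crypto ipsec transform-set LEGACY esp-3des esp-md5-hmac
access-list 101 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
crypto map VPNMAP 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set STRONG LEGACY
 match address 101
"""
PEER_B = """
crypto ipsec transform-set TS1 esp-3des esp-md5-hmac
access-list 120 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
crypto map VPNMAP 10 ipsec-isakmp
 set peer 198.51.100.1
 set transform-set TS1
 match address 120
"""

def transform_sets(cfg):
    """Map transform-set name -> tuple of transform keywords."""
    pat = r"^crypto ipsec transform-set (\S+) (.+)$"
    return {m.group(1): tuple(m.group(2).split()) for m in re.finditer(pat, cfg, re.M)}

def map_transforms(cfg):
    """Transforms offered by the crypto map, in proposal order."""
    names = re.search(r"^\s*set transform-set (.+)$", cfg, re.M).group(1).split()
    return [transform_sets(cfg)[n] for n in names]

def negotiated(cfg_a, cfg_b):
    """First transform proposed by A that B can accept; None means peering fails."""
    accepted = set(map_transforms(cfg_b))
    return next((t for t in map_transforms(cfg_a) if t in accepted), None)

def crypto_acl(cfg):
    """(src, wildcard, dst, wildcard) tuples of the ACL the crypto map matches."""
    num = re.search(r"^\s*match address (\S+)$", cfg, re.M).group(1)
    pat = rf"^access-list {num} permit ip (\S+) (\S+) (\S+) (\S+)$"
    return [m.groups() for m in re.finditer(pat, cfg, re.M)]

def acls_mirror(cfg_a, cfg_b):
    """True when B's crypto ACL is exactly the mirror image of A's."""
    mirrored = {(d, dm, s, sm) for s, sm, d, dm in crypto_acl(cfg_a)}
    return mirrored == set(crypto_acl(cfg_b))
```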
-
Crypto Map Parameters
-
Configure IPSec Crypto Maps
-
Example Crypto Map Commands
-
Apply Crypto Maps to Interfaces
-
IPSec Configuration Examples
-
Test and Verify IPSec
Display configured IKE policies: show crypto isakmp policy (show isakmp policy on a PIX)
Display configured transform sets: show crypto ipsec transform-set
Display phase 1 security associations: show crypto isakmp sa (show isakmp sa on a PIX)
-
Generic Routing Encapsulation (GRE)
GRE is an OSI Layer 3 tunneling protocol:
Encapsulates a wide variety of protocol packet types inside IP tunnels
Creates a virtual point-to-point link to Cisco routers at remote points over an IP internetwork
Uses IP for transport
Uses an additional header to support any other OSI Layer 3 protocol as payload (for example, IP, IPX, AppleTalk)
-
Reasons for using GRE over IPsec
To pass multicast and broadcast traffic across the tunnel securely
To pass non-IP traffic securely
To provide resiliency
To assist in saving memory and CPU cycles in the router, by reducing the number of SAs that need to be set up
-
Secure GRE Tunnels
IPsec provides what GRE lacks:
Confidentiality through encryption using symmetric algorithms
Data source authentication using HMACs
Data integrity verification using HMACs
IPsec is not perfect at tunneling:
Older IOS versions do not support IP multicast over IPsec
IPsec was designed to tunnel IP only (no multiprotocol support)
Using crypto maps to implement IPsec does not allow the use of routing protocols across the tunnel
IPsec does not tunnel IP protocols; GRE does
-
GRE over IPsec
GRE over IPsec is typically used to do the following:
Create a logical hub-and-spoke topology of virtual point-to-point connections
Secure communication over an untrusted transport network (e.g. the Internet)
-
GRE over IPsec Encapsulation
GRE encapsulates an arbitrary payload.
IPsec encapsulates the unicast IP packet (GRE):
Tunnel mode (default): IPsec creates a new tunnel IP packet
Transport mode: IPsec reuses the IP header of the GRE packet (20 bytes less overhead than tunnel mode)
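The header budget behind the "20 bytes less overhead" figure, as an added example that is not part of the original slides. It lays out the header stack for GRE over ESP in both modes and shows a point the slide does not: the 20-byte saving holds for the fixed headers, but ESP padding to the cipher block size shifts the on-the-wire difference. Header sizes are the standard ones (IPv4 20, GRE 4, ESP header 8, ESP trailer 2); the 8-byte IV/block (DES/3DES-CBC) and 12-byte ICV (HMAC-MD5-96/SHA1-96) are assumptions matching the slides' transform sets.

```python
# Header budget of GRE over IPsec (ESP) in tunnel vs transport mode.
# Standard sizes: IPv4 header without options 20 bytes, GRE header 4 bytes
# (IP protocol 47), ESP header 8 bytes (SPI + sequence, IP protocol 50),
# ESP trailer 2 bytes (pad length + next header). Assumed transform
# parameters: DES/3DES-CBC (8-byte IV and block), HMAC-*-96 (12-byte ICV).
IPV4_HDR, GRE_HDR, ESP_HDR, ESP_TRAILER, ESP_ICV = 20, 4, 8, 2, 12

def header_stack(mode):
    """Headers on the wire, outermost first, for an original IP packet inside GRE."""
    if mode == "transport":   # ESP reuses the GRE delivery IP header
        return ["IP(delivery)", "ESP", "GRE", "IP(original)+data", "ESP trailer", "ICV"]
    if mode == "tunnel":      # ESP puts a new outer IP header in front of the GRE packet
        return ["IP(new)", "ESP", "IP(delivery)", "GRE", "IP(original)+data", "ESP trailer", "ICV"]
    raise ValueError("mode must be 'transport' or 'tunnel'")

def fixed_overhead(mode, iv=8):
    """Bytes added by headers alone (no padding): tunnel costs one extra IPv4 header."""
    extra_ip = IPV4_HDR if mode == "tunnel" else 0
    return IPV4_HDR + ESP_HDR + iv + extra_ip + GRE_HDR + ESP_TRAILER + ESP_ICV

def esp_padding(protected_len, block=8):
    """ESP pads protected data + 2-byte trailer up to a multiple of the block size."""
    return (-(protected_len + ESP_TRAILER)) % block

def wire_size(payload_len, mode, block=8, iv=8):
    """Total packet size for an original IP packet of payload_len bytes."""
    protected = GRE_HDR + payload_len + (IPV4_HDR if mode == "tunnel" else 0)
    return fixed_overhead(mode, iv) + payload_len + esp_padding(protected, block)

def saving(payload_len, block=8):
    """On-the-wire bytes tunnel mode costs over transport mode once padding is applied."""
    return wire_size(payload_len, "tunnel", block) - wire_size(payload_len, "transport", block)
```

With 8-byte blocks the two modes never pad equally (their protected lengths differ by 20, which is 4 mod 8), so the measured gap is 16 or 24 bytes rather than exactly 20.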