Encryption and Authentication of Data Using the IPSEC Protocol

Abstract

This paper presents an overview of the Internet Protocol Security (IPSec) protocol [13, 14] implemented in a Dynamic Multipoint Virtual Private Network (DMVPN) to implement security features at the network layer to provide authenticated and confidential communication using various authentication and encryption protocols operating between devices located at a far away distance from one another on the Internet. In order to provide secure communication between various branches of a company located at distant locations across the Internet and to protect the data from unauthorized access, we create a virtual tunnel connecting the branches and send data across the branches in encrypted packets encapsulated within Internet Protocol (IP) datagram which are hidden from the Internet. The packets pass across to the other branch as if they are in one private network which overlays the Internet. We use the IPSec protocol for providing authentication and encryption to the IP packets. We create a Generic Routing Encapsulation (GRE) tunnel to create a DMVPN connecting the branch offices to one another. We have used GNS3 for the simulation of the scenario which is an emulator software for routers, computers, switches and various other network devices. With the help of GNS3, we were able to access the configuration terminal of various network devices and configure appropriate commands for implementing the DMVPN solution. We also used Wireshark which is a packet analyzer software that is used for tracking the IP packets which pass through the network and analyze their header, protocol information and the data that is encapsulated within it.