Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Tunneling Protocols

Tunneling Protocols

Sep 23,2009 by alperen

small font medium font large font
image

Tunneling Protocols

Most VPNs use the concept of tunneling to create a private network that extends across the Internet. Conceptually, it’s as if a secure tunnel has been built between two end devices (routers, firewall, or VPN device). Data can be directed into one end of the tunnel and it travels securely to the other end. These end devices, or tunnel interfaces, are typically the perimeter router firewalls for the LANs being connected.

Technically, no tunnel exists and the process doesn’t resemble a tunnel, but the term “tunneling” somewhat describes the end result of traffic being able to pass through a non-secure environment without concerns about eavesdropping, data hijacking, or data manipulation. Tunneling is a process of encapsulating an entire data packet as the payload within a second packet, which is understood by the network and both end points. Depending on the protocols used, the new payload—the original packet—can be encrypted. Figure 9-5 is a common graphical representation of Layer 3 tunneling technology.

Click To expand
Figure 9-5: Layer 3 VPN tunneling representation

The tunneling process requires three different protocols:

  • Carrier protocol The network protocol used to transport the final encapsulation

  • Encapsulating protocol The protocol used to provide the new packet around the original data packet. Examples: IPSec, GRE, L2F, L2TP, PPTP

  • Passenger protocol The original data packet that’s been encapsulated. Examples: IP, IPX, NetBEUI

Through tunneling techniques, you can pass non-IP packets or private IP addressed packets through a public IP network. You can even route NetBEUI—the famous non- routable protocol—once it’s been encapsulated for tunneling through a VPN. What happens is the new data frame, or packet, is, in fact, a legal packet with proper addressing to travel through the network. Hidden safely within the payload portion of this new frame is the original packet, which needs the assistance and/or protection.

L2F, L2TP, and PPTP are all three Layer 2 tunneling protocols that support Access VPN solutions by tunneling PPP.


194 times read

Related news
» Encryption and Tunneling
by alperen posted on Sep 02,2009
» Security and Tunneling Overhead
by admin posted on Jul 17,2008
» Layer Two Forwarding (L2F) Protocol
by alperen posted on Sep 23,2009
» Split Tunneling Policy
by alperen posted on Nov 14,2009
» Layer 2 Tunneling Protocol (L2TP)
by alperen posted on Sep 23,2009
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.