Computer Networks
IPsec
AWS, Azure, GCP - all clouds offer managed IPsec VPN for on-premises connectivity. It has been the de facto standard for enterprise VPN for 30 years. Understanding IPsec opens doors to the world of corporate networks and multi-cloud architectures.
- **Cloud connectivity:** AWS Site-to-Site VPN, Azure VPN Gateway, GCP Cloud VPN - all IPsec under the hood
- **IKEv2 on mobile:** iOS and Android have built-in IKEv2 clients. Many corporate VPNs use it instead of OpenVPN
- **Network equipment:** Cisco, Juniper, Fortinet - IPsec is the lingua franca for site-to-site between different vendors
Prerequisites
IPsec Modes
**IPsec** - a suite of protocols for protecting IP traffic. Operates at the network layer (Layer 3), protecting any protocols above: TCP, UDP, ICMP. Two modes: **Transport** and **Tunnel**.
**Tunnel Mode by default:** Most VPN configurations use Tunnel Mode. Transport Mode is for specific scenarios (L2TP/IPsec, host-to-host).
IPsec components:
Offices A and B are connected via IPsec VPN. Which mode hides internal IP addresses?
ESP - Encapsulating Security Payload
**ESP (Protocol 50)** - the primary IPsec protocol. Provides encryption (confidentiality), authentication (integrity), and replay attack protection.
**SPI (Security Parameter Index):** A 32-bit identifier linking a packet to a specific SA (Security Association). The receiver uses the SPI to look up decryption keys.
ESP encryption algorithms:
**Replay Protection:** Sequence Number increments with each packet. The receiver maintains a sliding window (~32-64 packets). Packets with already-seen or too-old sequence numbers are dropped.
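The receiver-side check described above, written as an added example (not code from the original page): it reads the SPI and sequence number from the ESP header and keeps one sliding-window bitmap per inbound SA, in the style of RFC 4303 section 3.4.3. The sample packets are constructed; ciphertext, ICV and extended sequence numbers are not modeled.

```python
import struct

WINDOW_SIZE = 64  # RFC 4303 default anti-replay window; 32 is the minimum


class AntiReplayWindow:
    """Sliding window for one inbound SA: highest seen sequence number plus a bitmap."""

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.last_seq = 0   # highest sequence number accepted so far (right edge)
        self.bitmap = 0     # bit i set  =>  sequence number (last_seq - i) was seen

    def check_and_update(self, seq):
        """Return True and record seq if it is fresh; False if replayed or too old."""
        if seq == 0:
            return False                      # ESP sequence numbers start at 1
        if seq > self.last_seq:               # right of the window: slide it
            shift = seq - self.last_seq
            if shift >= self.size:
                self.bitmap = 1               # everything previously seen falls out
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.last_seq = seq
            return True
        offset = self.last_seq - seq
        if offset >= self.size:
            return False                      # too old: fell off the left edge
        if self.bitmap & (1 << offset):
            return False                      # already seen: replay
        self.bitmap |= 1 << offset            # late but fresh: accept and mark
        return True


def parse_esp_header(packet):
    """Return (SPI, sequence number) from the 8-byte ESP header (both big-endian)."""
    return struct.unpack("!II", packet[:8])


def filter_packets(packets):
    """Run ESP packets through per-SPI windows; return (accepted, dropped) as (spi, seq) lists."""
    windows, accepted, dropped = {}, [], []
    for pkt in packets:
        spi, seq = parse_esp_header(pkt)
        win = windows.setdefault(spi, AntiReplayWindow())
        (accepted if win.check_and_update(seq) else dropped).append((spi, seq))
    return accepted, dropped


def build_esp(spi, seq):
    """Constructed sample packet: real header fields, filler in place of ciphertext/ICV."""
    return struct.pack("!II", spi, seq) + b"\x00" * 16


# Constructed stream for SPI 0x1000: reordering (3 before 2), a replay of 3,
# a jump to 70 that slides the window, a stale 6, a late-but-valid 7.
SAMPLE = [build_esp(0x1000, s) for s in (1, 3, 2, 3, 70, 6, 7, 140, 76)]
```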
What does AEAD mean in the context of ESP (e.g., AES-GCM)?
AH - Authentication Header
**AH (Protocol 51)** provides only authentication and integrity - **no encryption**. Also protects immutable fields in the IP header. Almost never used today.
**Why AH died:** NAT changes IP addresses, which breaks AH's ICV. ESP with NAT-T (UDP encapsulation) passes through NAT. ESP also provides encryption, which AH lacks.
AH's only advantage is protecting the outer IP header, but this is rarely needed:
Why is AH incompatible with NAT?
IKE - Internet Key Exchange
**IKE** - the parameter negotiation and key exchange protocol for IPsec. Runs over UDP port 500 (or 4500 with NAT-T). Two versions: **IKEv1** (complex) and **IKEv2** (recommended).
**IKEv1 vs IKEv2:** IKEv1 required 6-9 messages (Main Mode + Quick Mode). IKEv2 - only 4. Plus IKEv2 has built-in NAT-T, MOBIKE, and better cryptography.
IKE authentication methods:
How many messages does IKEv2 need to establish an IPsec tunnel (IKE SA + Child SA)?
Security Associations (SA)
**Security Association (SA)** - a contract between two devices: which algorithms to use, which keys, which traffic to protect. An SA is identified by its **SPI** (Security Parameter Index).
**SAs always come in pairs:** Bidirectional traffic requires two SAs: one for outbound, one for inbound. Each with its own SPI and keys.
**SAD (Security Association Database)** and **SPD (Security Policy Database)**:
**Misconception:** IPsec is complex, so WireGuard is always better.
**Reality:** IPsec is the enterprise and cloud standard. WireGuard is simpler but less flexible.
IPsec is supported everywhere: Cisco, Juniper, AWS, Azure, GCP, built into Windows/macOS/Linux. Has flexible policies (SPD), PKI certificate support, EAP, multiple algorithms. WireGuard is great for simple scenarios but doesn't replace IPsec in enterprise: no dynamic routing support (BGP over IPsec), limited key management, no standard PKI integration.
Site-to-Site VPN between offices A and B. How many IPsec SAs are active while the tunnel is running?
Key Ideas
- **Transport Mode** protects payload, **Tunnel Mode** encapsulates the entire packet. VPN typically uses Tunnel
- **ESP** (Protocol 50) - encryption + authentication. AES-GCM recommended. **AH** (Protocol 51) - auth only, almost never used
- **IKEv2** negotiates parameters in 4 messages (2 RTT). Supports PSK, certificates, EAP
- **SA** - a contract with keys and parameters. Always in pairs (inbound/outbound). Stored in SAD, policies in SPD
Related Topics
IPsec is the foundation of many VPN solutions:
- VPN Concepts — IPsec implements Site-to-Site and Remote Access VPN at Layer 3
- WireGuard — Modern alternative to IPsec with simplified cryptography
Questions for Reflection
- Why did ESP win over AH, despite AH protecting more (including the IP header)?
- How does Perfect Forward Secrecy (PFS) affect the security of long-lived VPNs?
- Why do cloud providers use IPsec instead of WireGuard for managed VPN?