摘要
目前的互联网普遍使用TCP/IP协议进行基础通信,而TCP/IP本身没有提供安全。数据在互联网传输的过程容易被伪造、篡改或者窥视。特别是企业或机构单位不同办公地点之间数据的传输要经过互联网,因此更要保护数据传输的安全。VPN是对企业内部网络的扩展,通过VPN可以帮助远程用户、企业或机构单位分支机构的内部网络建立可信的安全连接,并保证数据的安全传输。IPSec VPN可以有效地保护IP数据报的安全,它提供了一套健壮的安全机制,可为IP上层协议提供安全保障。文章研究IPSec技术原理和VPN隧道,分析并使用eNSP模拟器设计实现了IPSec VPN网络,并对网络进行实际测试。
At present, the internet generally uses TCP/IP protocol for basic communication, but TCP/IP itself does not provide security. The data on the progress of internet transmission is easy to be forged, tampered with or peeked at. In particular, the data transmission among different office locations of enterprises or institutions must pass through the internet, so it is more important to protect the security of data transmission. VPN is an extension of the internal network of an enterprise. It can help internal network of remote users,enterprises or the branches of institutions to establish reliable and secure connections, and ensure the safe transmission of data. IPSec VPN can effectively protect the security of IP datagrams. It provides a set of robust security mechanism, which can provide security for IP upper layer protocols. This paper studies the principle of IPSec technology and VPN tunnel, analyzes and uses eNSP simulator to design and implement IPSec VPN network, and tests the network in practice.
作者
陈展翅
王晓品
CHEN Zhanchi;WANG Xiaopin(Department of Electronics,Software Engineering Institute of Guangzhou,Guangzhou 510990,China)
出处
《现代信息科技》
2022年第24期69-71,共3页
Modern Information Technology
