GET VPN- UDP/848
GET VPN:
=======
dmvpn:-(PC1)---original ip----(router)----ESP----(Router)--Original ip--(PC2)
GET VPN:-(router)---original ip------------------------Original ip--(Router)
+it is tunnel less no need to negotiate anything,it uses original ip, and it is has less latency
COOP (Co-operative key server protocol)
used to sync the keying infor
KS1<-----COOP--->KS2
GDOI(group domain of interpretation):-
+Protocol that operates b/w GM and KS
GM<---GDOI---->KS
+gdoi is protected by phase1
GM<------isakmp phase1----------------->KS
GM------group id+hash+nonce----------->KS -->GDOI
GM<------Hash+responder nonce+SA-----KS -->GDOI
GM------Hash------------------------------->KS -->GDOI
GM<------Hash+KEYS------------------------KS -->GDOI
Group Member:-
GM--resisters--->KS (this will authn and authz the GM)
(---this is used to get ipsec sa---)
GM<--SA policies and keys----KS
(GM downloads SA policies and keys)
GM1<-------->GM2
(using ipsec sa and keys it will encrypt the traffic)
when keys are about to expire
GM<--rekeys----KS
Two Types of KEYS:-
KEK(key encryption key):-
GM<----KEK----KS -->used to decrypt rekey messages from KS
TEK(Traffic encryption key):
GM1<---TEK---->GM2 -->
Key server:-
+used for maintaining policy and keys
Configurations:-
KEY SERVER:-
Group Member:-
0 Response to "GET VPN- UDP/848"
Post a Comment