IPsec Overview

IPsec is a suite of related protocols for cryptographically securing communications at the IP packet layer. IPsec also provides methods for the manual and automatic negotiation of security associations (SAs) and key distribution, all the attributes for which are gathered in a domain of interpretation (DOI). The IPsec DOI is a document containing definitions for all the security parameters required for the successful negotiation of a VPN tunnel—essentially, all the attributes required for SA and IKE negotiations. See RFC 2407 and RFC 2408 for more information.
To use IPsec security services, you create SAs between hosts. An SA is a simplex connection that allows two hosts to communicate with each other securely by means of IPsec. There are two types of SAs: manual and dynamic. IPsec supports two modes of security (transport mode and tunnel mode).

Security Associations

A security association (SA) is a unidirectional agreement between the VPN participants regarding the methods and parameters to use in securing a communication channel. Full bidirectional communication requires at least two SAs, one for each direction. Through the SA, an IPsec tunnel can provide the following security functions:
The security functions you employ depend on your needs. If you need only to authenticate the IP packet source and content integrity, you can authenticate the packet without applying any encryption. On the other hand, if you are concerned only with preserving privacy, you can encrypt the packet without applying any authentication mechanisms. Optionally, you can both encrypt and authenticate the packet. Most network security designers choose to encrypt, authenticate, and replay-protect their VPN traffic. An IPsec tunnel consists of a pair of unidirectional SAs—one SA for each direction of the tunnel—that specify the security parameter index (SPI), destination IP address, and security protocol (Authentication Header [AH] or Encapsulating Security Payload [ESP]) employed. An SA groups together the following components for securing communications:
For inbound traffic, Junos OS looks up the SA by using the following triplet:
For outbound VPN traffic, the policy invokes the SA associated with the VPN tunnel.

IPsec Key Management

The distribution and management of keys are critical to using VPNs successfully. Junos OS supports IPsec technology for creating VPN tunnels with three kinds of key creation mechanisms:
You can choose your key creation mechanism—also called authentication method—during Phase 1 and Phase 2 proposal configuration. See Internet Key Exchange.
Manual Key

With manual keys, administrators at both ends of a tunnel configure all the security parameters. This is a viable technique for small, static networks where the distribution, maintenance, and tracking of keys are not difficult. However, safely distributing manual-key configurations across great distances poses security issues. Aside from passing the keys face-to-face, you cannot be completely sure that the keys have not been compromised while in transit. Also, whenever you want to change the key, you are faced with the same security issues as when you initially distributed it.

AutoKey IKE

When you need to create and manage numerous tunnels, you need a method that does not require you to configure every element manually. IPsec supports the automated generation and negotiation of keys and security associations using the Internet Key Exchange (IKE) protocol. Junos OS refers to such automated tunnel negotiation as AutoKey IKE and supports AutoKey IKE with preshared keys and AutoKey IKE with certificates.
Diffie-Hellman Exchange

A Diffie-Hellman (DH) exchange allows participants to produce a shared secret value. The strength of the technique is that it allows participants to create the secret value over an unsecured medium without passing the secret value through the wire. The size of the prime modulus used in each group's calculation differs, as shown in Table 1. Diffie-Hellman (DH) exchange operations can be performed either in software or in hardware. When these exchange operations are performed in hardware, we utilize QuickAssist Technology (QAT) cryptography. Table 1 lists the different Diffie-Hellman (DH) groups and specifies whether the operation for that group is performed in hardware or in software.

Table 1: Diffie-Hellman (DH) groups and their exchange operations performed
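The exchange described above, as an added example (not Junos OS code and not from the page): each peer keeps a private exponent, sends only its public value, and both derive the same secret; a peer that names a different group is rejected, which is the "participants must agree to use the same group" rule in code. The `DEMO_GROUPS` table, the `demo-127`/`demo-255` names and the SHA-256 key derivation are assumptions made for the example; the moduli are well-known primes used only so the arithmetic is visible, not the RFC 3526 MODP values behind the numbered DH groups.

```python
"""Diffie-Hellman exchange of the kind IKE runs: each peer keeps a private
exponent, sends only g^x mod p, and both arrive at the same g^(xy) mod p.
Constructed example, not Junos OS code."""
import hashlib
import secrets

# DEMO_GROUPS stands in for the IKE DH group table.  The moduli are well-known
# primes chosen only so the arithmetic is visible; they are NOT the RFC 3526
# MODP values behind DH groups 14, 15, 16, and a real implementation must use
# the exact modulus defined for the negotiated group number.
DEMO_GROUPS = {
    "demo-127": {"p": (1 << 127) - 1, "g": 2},   # Mersenne prime 2^127 - 1
    "demo-255": {"p": (1 << 255) - 19, "g": 2},  # the prime 2^255 - 19
}


class DHParticipant:
    def __init__(self, group_name, private=None):
        self.group_name = group_name
        group = DEMO_GROUPS[group_name]
        self.p, self.g = group["p"], group["g"]
        # private exponent in [2, p-2]; it never leaves this object
        self.private = private if private is not None else secrets.randbelow(self.p - 3) + 2
        # the only value sent over the unsecured medium
        self.public = pow(self.g, self.private, self.p)

    def shared_secret(self, peer_group_name, peer_public):
        # Moduli differ per group, so both sides must name the same group;
        # IKE fails the negotiation when the proposals disagree.
        if peer_group_name != self.group_name:
            raise ValueError("DH group mismatch: %s vs %s" % (self.group_name, peer_group_name))
        # reject degenerate public values (0, 1, p-1) that collapse the secret
        if not 1 < peer_public < self.p - 1:
            raise ValueError("invalid peer public value")
        return pow(peer_public, self.private, self.p)


def derive_key(shared_secret, length=32):
    # Placeholder key derivation: IKE runs its negotiated PRF over g^xy together
    # with the nonces; a plain SHA-256 of the secret is used here for brevity.
    width = (shared_secret.bit_length() + 7) // 8
    return hashlib.sha256(shared_secret.to_bytes(width, "big")).digest()[:length]


def exchange(group_a, group_b):
    """Simulates two peers; returns 'agreed' or 'group-mismatch'."""
    alice, bob = DHParticipant(group_a), DHParticipant(group_b)
    try:
        # each side receives only the other's group name and public value
        key_a = derive_key(alice.shared_secret(bob.group_name, bob.public))
        key_b = derive_key(bob.shared_secret(alice.group_name, alice.public))
    except ValueError:
        return "group-mismatch"
    assert key_a == key_b  # the secret was never transmitted, yet both hold it
    return "agreed"


if __name__ == "__main__":
    print(exchange("demo-255", "demo-255"), exchange("demo-127", "demo-255"))
```

The public-value range check matters in practice: a peer value of 0, 1 or p-1 forces the shared secret into a handful of predictable values, so an implementation validates the received value before exponentiating with its private key.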
Starting in Junos OS Release 19.1R1, SRX Series devices support DH groups 15, 16, and 21. Starting in Junos OS Release 20.3R1, vSRX instances with the junos-ike package installed support DH groups 15, 16, and 21. We do not recommend the use of DH groups 1, 2, and 5. Because the modulus for each DH group is a different size, the participants must agree to use the same group.

IPsec Security Protocols

IPsec uses two protocols to secure communications at the IP layer:
You can choose your security protocols—also called authentication and encryption algorithms—during Phase 2 proposal configuration. See Internet Key Exchange. For each VPN tunnel, both AH and ESP tunnel sessions are installed on Services Processing Units (SPUs) and the control plane. Tunnel sessions are updated with the negotiated protocol after negotiation is completed. For SRX5400, SRX5600, and SRX5800 devices, tunnel sessions on anchor SPUs are updated with the negotiated protocol while non-anchor SPUs retain ESP and AH tunnel sessions. ESP and AH tunnel sessions are displayed in the outputs for the
IPsec Authentication Algorithms (AH Protocol)

The Authentication Header (AH) protocol provides a means to verify the authenticity and integrity of the content and origin of a packet. You can authenticate the packet by the checksum calculated through a Hash Message Authentication Code (HMAC) using a secret key and either MD5 or SHA hash functions.
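The inbound path the page describes in two places (the SA lookup by the SPI, destination address and security protocol triplet, and the HMAC check that AH performs), as an added example that is not Junos OS code: a receiver finds the SA, verifies the 96-bit truncated HMAC in constant time, and then applies the anti-replay window the text mentions. The packet layout follows the fixed AH header; the `SAD` dictionary, the constructed key, the addresses and the `demo()` walk-through are assumptions made for the example.

```python
"""Inbound AH processing as described above: look up the SA by the
(SPI, destination address, security protocol) triplet, verify the HMAC
integrity check value, and enforce anti-replay on the sequence number.
Constructed example, not Junos OS code."""
import hmac
import struct
from dataclasses import dataclass

ICV_LEN = 12  # HMAC-MD5-96 and HMAC-SHA1-96 both truncate the MAC to 96 bits
AH_HDR = struct.Struct("!BBHII")  # next header, payload length, reserved, SPI, sequence number


@dataclass
class SecurityAssociation:
    spi: int
    dst: str
    proto: str          # "AH" here; ESP SAs are keyed by the same triplet
    auth_key: bytes     # the manually configured (or IKE-negotiated) authentication key
    hash_name: str      # "md5" or "sha1", the two HMAC hash choices the text lists
    window: int = 64    # anti-replay window size in packets
    highest_seq: int = 0
    seen_mask: int = 0  # bit k set => sequence number (highest_seq - k) already received


SAD = {}  # security association database, keyed by the inbound triplet


def install_sa(sa):
    SAD[(sa.spi, sa.dst, sa.proto)] = sa


def compute_icv(sa, ah_hdr, payload):
    # The HMAC covers the AH header with its ICV field zeroed, then the payload
    # (a full AH stack also covers the immutable fields of the IP header)
    mac = hmac.new(sa.auth_key, ah_hdr + bytes(ICV_LEN) + payload, sa.hash_name)
    return mac.digest()[:ICV_LEN]


def build_ah_packet(sa, seq, payload, next_header=4):
    # AH payload length field: header length in 32-bit words minus 2 (RFC 4302)
    payload_len = (AH_HDR.size + ICV_LEN) // 4 - 2
    hdr = AH_HDR.pack(next_header, payload_len, 0, sa.spi, seq)
    return hdr + compute_icv(sa, hdr, payload) + payload


def replay_check(sa, seq):
    """True if seq is new and inside the window; SA state is left untouched."""
    if seq == 0:
        return False
    if seq > sa.highest_seq:
        return True
    diff = sa.highest_seq - seq
    return diff < sa.window and not (sa.seen_mask >> diff) & 1


def replay_update(sa, seq):
    """Slide the window; called only after the ICV has verified."""
    if seq > sa.highest_seq:
        shift = seq - sa.highest_seq
        sa.seen_mask = ((sa.seen_mask << shift) | 1) & ((1 << sa.window) - 1)
        sa.highest_seq = seq
    else:
        sa.seen_mask |= 1 << (sa.highest_seq - seq)


def process_inbound(dst, packet):
    """Returns (status, payload); status is one of ok, no-sa, replay, bad-icv."""
    hdr = packet[:AH_HDR.size]
    _, _, _, spi, seq = AH_HDR.unpack(hdr)
    sa = SAD.get((spi, dst, "AH"))
    if sa is None:
        return "no-sa", None
    if not replay_check(sa, seq):
        return "replay", None
    icv = packet[AH_HDR.size:AH_HDR.size + ICV_LEN]
    payload = packet[AH_HDR.size + ICV_LEN:]
    if not hmac.compare_digest(icv, compute_icv(sa, hdr, payload)):
        return "bad-icv", None
    replay_update(sa, seq)
    return "ok", payload


def demo():
    """Walks one SA through accept, replay, tamper, wrong-destination and
    out-of-order cases; returns the status of each step in order."""
    sa = SecurityAssociation(0x1001, "192.0.2.1", "AH", b"constructed-manual-key", "sha1")
    install_sa(sa)
    good1 = build_ah_packet(sa, 1, b"inner packet 1")
    good2 = build_ah_packet(sa, 2, b"inner packet 2")
    good3 = build_ah_packet(sa, 3, b"inner packet 3")
    tampered = good2[:-1] + bytes([good2[-1] ^ 0x01])  # flip one payload bit
    return [
        process_inbound("192.0.2.1", good1)[0],     # ok
        process_inbound("192.0.2.1", good1)[0],     # replay: same sequence number again
        process_inbound("192.0.2.1", tampered)[0],  # bad-icv: HMAC no longer matches
        process_inbound("198.51.100.9", good2)[0],  # no-sa: triplet does not match
        process_inbound("192.0.2.1", good3)[0],     # ok: window slides to 3
        process_inbound("192.0.2.1", good2)[0],     # ok: out of order but inside window
        process_inbound("192.0.2.1", good2)[0],     # replay
    ]


if __name__ == "__main__":
    print(demo())
```

The ordering inside `process_inbound` is deliberate: the window is consulted before the HMAC so that obviously stale packets cost no MAC computation, but it is only advanced after the HMAC verifies, so a forged packet with a high sequence number cannot push genuine traffic out of the window.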
For more information on MD5 hashing algorithms, see RFC 1321 and RFC 2403. For more information on SHA hashing algorithms, see RFC 2404. For more information on HMAC, see RFC 2104.

IPsec Encryption Algorithms (ESP Protocol)

The Encapsulating Security Payload (ESP) protocol provides a means to ensure privacy (encryption) and source authentication and content integrity (authentication). ESP in tunnel mode encapsulates the entire IP packet (header and payload) and then appends a new IP header to the now-encrypted packet. This new IP header contains the destination address needed to route the protected data through the network. (See Packet Processing in Tunnel Mode.) With ESP, you can both encrypt and authenticate, encrypt only, or authenticate only. For encryption, you can choose one of the following encryption algorithms:
For authentication, you can use either MD5 or SHA algorithms. Even though it is possible to select NULL for encryption, it has been demonstrated that IPsec might be vulnerable to attack under such circumstances. Therefore, we suggest that you choose an encryption algorithm for maximum security.

IPsec Tunnel Negotiation

The following two modes determine how traffic is exchanged in the VPN:
Supported IPsec and IKE Standards

On routers equipped with one or more MS-MPCs, MS-MICs, or DPCs, the Canada and U.S. version of Junos OS substantially supports the following RFCs, which define standards for IP Security (IPsec) and Internet Key Exchange (IKE).
Junos OS partially supports the following RFCs for IPsec and IKE:
The following RFCs and Internet draft do not define standards, but provide information about IPsec, IKE, and related technologies. The IETF classifies them as “Informational.”
Release History Table

19.1R1: Starting in Junos OS Release 19.1R1, SRX Series devices support DH groups 15, 16, and 21.

In which mode are both the data and the headers encrypted?

Use tunnel mode for network-to-network communications or host-to-network and host-to-host communications over the Internet. In tunnel mode, the entire IP packet (data, plus the message headers) is encrypted and/or authenticated. It must then be encapsulated into a new IP packet for routing to work.
In what modes can an IPsec VPN encrypt data?

The IPsec standards define two distinct modes of IPsec operation, transport mode and tunnel mode. The modes do not affect the encoding of packets. The packets are protected by AH, ESP, or both in each mode.
Does IPsec encrypt the header?

Encryption: IPsec encrypts the payloads within each packet and each packet's IP header (unless transport mode is used instead of tunnel mode — see below). This keeps data sent over IPsec secure and private.
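The two layouts the answers above describe, as an added example that is not from the page or from Junos OS: in transport mode the IPsec header is spliced between the original IP header and its payload, so the original source and destination stay visible on the wire; in tunnel mode the whole original packet, header included, becomes the protected payload behind a new outer header that carries only the gateway addresses. The AH/ESP header itself is stood in for by a placeholder byte string (the point is what the outer header exposes), and the gateway and host addresses are constructed documentation addresses.

```python
"""Transport mode versus tunnel mode packet layout.  Constructed example:
the IPsec header is a placeholder, only the IP encapsulation is shown."""
import ipaddress
import struct

IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")  # 20-byte IPv4 header without options
PROTO_AH, PROTO_ESP = 51, 50                # IP protocol numbers for AH and ESP


def ipv4_checksum(header):
    # one's-complement sum of 16-bit words, folded, then inverted (RFC 791)
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, proto, payload, ttl=64):
    length = IPV4_HDR.size + len(payload)
    fields = [0x45, 0, length, 0, 0, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = ipv4_checksum(IPV4_HDR.pack(*fields))  # checksum over header with field zeroed
    return IPV4_HDR.pack(*fields) + payload


def parse_ipv4(packet):
    v_ihl, _, length, _, _, ttl, proto, _, src, dst = IPV4_HDR.unpack(packet[:IPV4_HDR.size])
    ihl = (v_ihl & 0x0F) * 4
    return {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "proto": proto, "ttl": ttl, "payload": packet[ihl:length]}


def transport_mode(packet, ipsec_hdr, ipsec_proto):
    """Original header kept; IPsec header inserted in front of the transport payload."""
    inner = parse_ipv4(packet)
    # a real AH/ESP header would record inner["proto"] as its next-header value
    return build_ipv4(inner["src"], inner["dst"], ipsec_proto, ipsec_hdr + inner["payload"])


def tunnel_mode(packet, ipsec_hdr, ipsec_proto, gw_src, gw_dst):
    """Whole original packet, header included, becomes the protected payload."""
    return build_ipv4(gw_src, gw_dst, ipsec_proto, ipsec_hdr + packet)


def outer_view(packet):
    """What an on-path observer sees without the keys: the outer header fields only."""
    outer = parse_ipv4(packet)
    return (outer["src"], outer["dst"], outer["proto"])


def demo():
    # constructed host packet: 10.0.0.5 -> 10.1.0.9, TCP (protocol 6)
    original = build_ipv4("10.0.0.5", "10.1.0.9", 6, b"tcp segment")
    placeholder_esp = bytes(8)  # stands in for the SPI/sequence part of an ESP header
    transport = transport_mode(original, placeholder_esp, PROTO_ESP)
    tunnel = tunnel_mode(original, placeholder_esp, PROTO_ESP, "203.0.113.1", "198.51.100.2")
    return {"transport": outer_view(transport), "tunnel": outer_view(tunnel)}


if __name__ == "__main__":
    print(demo())
```

`demo()` makes the FAQ's point concrete: the transport-mode packet still shows `10.0.0.5 -> 10.1.0.9` to anyone on the path, whereas the tunnel-mode packet shows only the two gateways, with the original header inside the protected payload.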
What is main mode and quick mode in IPsec?

Main mode or Aggressive mode (within Phase 1 negotiation) authenticates and/or encrypts the peers. Quick mode (Phase 2) negotiates the algorithms and agrees on which traffic will be sent across the VPN. Let's take a further look at the Quick mode phase (Phase 2) and what its role is within an IPsec VPN tunnel.