Está en la página 1de 2

CHNG 5: VPN over IP ..............................................................................

93
1. CNG NGH MNG RING O TRN INTERNET IP-VPN .............. 93
1.1 Gi thiu v mng ring o trn Internet IP-VPN ............................................. 93
1.1.1 Khi nim v mng ring o trn nn tng Internet ............................................. 93
1.1.2 Kh nng ng dng ca IP-VPN .......................................................................... 93
1.2 Cc khi c bn trong mng IP-VPN .................................................................. 93
1.2.1 iu khin truy nhp ............................................................................................ 93
1.2.2 Nhn thc ............................................................................................................. 94
1.2.3 An ninh ................................................................................................................. 94
1.2.4 Truyn Tunnel nn tng IP-VPN .......................................................................... 94
1.2.5 Cc tha thun mc dch v ................................................................................. 96
1.3 Phn loi mng ring o theo kin trc ............................................................... 96
1.3.1 IP-VPN truy nhp t xa ........................................................................................ 96
1.3.2 Site-to-Site IP-VPN .............................................................................................. 98
1.3.2.1 Intranet IP-VPN................................................................................................. 98
1.3.2.2 Extranet IP-VPN ................................................................................................ 98
1.4 Cc giao thc ng ngm trong IP-VPN .......................................................... 99
1.4.1 PPTP (Point - to - Point Tunneling Protocol)..................................................... 100
1.4.1.1 Duy tr ng ngm bng kt ni iu khin PPTP ....................................... 100
1.4.1.2 ng gi d liu ng ngm PPTP .............................................................. 100
1.4.1.3 X l d liu ng ngm PPTP ..................................................................... 101
1.4.2 L2TP (Layer Two Tunneling Protocol) .............................................................. 101
1.4.2.1 Duy tr ng ngm bng bn tin iu khin L2TP ........................................ 101
1.4.2.2 ng ngm d liu L2TP .............................................................................. 102
1.4.2.3 X l d liu ng ngm L2TP trn nn IPSec ............................................. 102
2. GIAO THC IPSEC CHO IP-VPN .................................................................... 103
2.1 Gii thiu .............................................................................................................. 103
2.2 ng gi thng tin ca IPSec .............................................................................. 103
2.2.1 Cc kiu s dng ................................................................................................ 103
2.2.1.1 Kiu Transport ................................................................................................. 104
2.2.1.2 Kiu Tunnel ..................................................................................................... 104
2.2.2 Giao thc tiu xc thc AH ........................................................................... 105
2.2.2.1 Cu trc gi tin AH ......................................................................................... 105
2.2.2.2 Qu trnh x l AH .......................................................................................... 106
2.2.3 Giao thc ng gi an ton ti tin ESP .............................................................. 107
2.2.3.1 Gii thiu ......................................................................................................... 107
2.2.3.2 Cu trc gi tin ESP ........................................................................................ 107
2.3 Nhng giao thc ang c ng dng cho x l IPSec ................................... 109
2.3.1 Mt m bn tin .................................................................................................... 109
2.3.1.1 Tiu chun mt m d liu DES ...................................................................... 109
2.3.1.2 Tiu chun mt m ha d liu gp ba 3DES ................................................. 110
2.3.2 Ton vn bn tin ................................................................................................. 110

2.3.3 Nhn thc cc bn .............................................................................................. 110


2.3.4 Qun l kha........................................................................................................ 110
2.3.4.1 Giao thc Diffie-Hellman ................................................................................ 111
2.3.4.2 Quyn chng nhn CA..................................................................................... 112
2.4 V d v hot ng ca mt IP-VPN s dng IPSec ........................................ 112
3. THC HIN IP-VPN............................................................................................ 113
3.1 Gii thiu .............................................................................................................. 113
3.2 Cc m hnh thc hin IP-VPN .......................................................................... 114
3.2.1 Access VPN ........................................................................................................ 114
3.2.1.1 Kin trc khi to t my khch ..................................................................... 115
3.2.1.2 Kin trc khi to t my ch truy nhp NAS................................................. 115
3.2.2 Intranet IP-VPN v Extranet IP-VPN ................................................................ 116
3.2.3 Mt s sn phm thc hin VPN ........................................................................ 116
KT LUN ................................................................................................................ 117