The Study And Application Improvement Of IPSec VPN

VPN means the logical sub-network shaped by networks located in different places physically which are connected by main public networks, offering safe and reliable channels for both communicators. High safety of IPSec ensures the safe transmission of information on internet.After the description of theoretical information of VPN, this paper illustrates the IPSec protocol in detail. Then much attention is given to the analysis and improvements of some modules of IPSec, including the improvement with regard to authorization method by signing, the attack of refusing service, and the attack of replay. Confronted with the flaws of IPSec in implementation, this paper gives detailed analysis and puts forward some advice. First, make mutiprotocal use in IPSec VPN system possible with GRE Over IPSec solution. Second, after the analysis of network structure of IPSec VPN system, propose a solution, that is to say, replacing the traditional topological structure of networks characterized by being singly star or net-shaped with star-shaped structure with two central VPN gateways, which improves the stability and flexibility of network. Finally, by referring to the improvement suggestions before, make out concrete network schemes and examples in practice.