| VPN, Virtual Private Network, through ISP (Internet service provider) and other NSP (network service provider) establishes specialized data communication network in public network. The core of VPN is to realize tunnel communication, which fulfils the task of data encapsulation via complicated protocol. VPN encapsulates the data of enterprise network into the tunnel and transmits it through the Internet. Therefore, the complexity of VPN is based on that of tunnel protocol, typified by IPSEC, L2TP, PPTP, etc.By introducing security mechanism into IP protocol, IPSEC ensures the security of data communication. As a future direction of safe network, IPSEC builds trust and safety between the sender's IP and the destination's IP. It protects communication by securing peer-to-peer safety so that attack from the Internet and specialized websites can be prevented. There are three types of mechanism of IPSEC VPN:OS integrated way,BITS way and BITW way.SSL VPN ensures security by combining SSL/TLS protocol, advanced encryption algorithm and identity recognition based on tunnel.ing. SSL VPN supports multiple network protocols and recognizes identities of both sides of communication via PKI and encryption so that the safety of data communication can be ensured. Its advantage includes low maintenance cost, relative easiness of use, and the ability to cross NAT.Starting with the theorem of VPN, the current research first analyzed the operational principle and critical technology of VPN. In addition, the researcher analyzed the system architecture and protocol type of IPSEC and studied SSL VPN, with a particular emphasis on the executive plan of IPSEC VPN and SSL VPN. Finally, by using experiment method, the present study test how IPSEC VPN and SSL VPN can be realized in Linux, and designed extended function of the executive plan of the Open VPN of SSL VPN. |
PDF Full Text Request