摘要:因特网协议安全(IPSec)是一系列建立在网络层最顶端的协议,通常被用来建立虚拟隧道,最广为人知的是虚拟专用网络(VPN)。虚拟专用网络(VPN)在公共网络,如因特网中扩展出一个私有网络。它使计算机通过共享的或公共的网络来发送和接收数据,就好像它是直接连接到私有网络,而且受益于私有网络的功能性、安全性和管理政策。
本次课题中,论文首先对IPSec VPN的背景和原理进行了一些简单的介绍,接着论文介绍了VPN网关实现的具体步骤及功能。本次课题使用了Linux系统这个免费开源的平台用来作为VPN网关。通过在一个Linux系统上搭建VPN服务器来充当VPN网关并采用了xl2tp协议进行数据传输,在另一个Linux系统上搭建web以及ftp服务用来充当私有网络。最后用一台Windows充当公共网络中的一台主机,通过拨号直接连入VPN网关,对私有网络的web以及ftp实现访问。本次课题的成功展示出了IPSec VPN在传输数据方面的良好的安全性、网络功能和管理性能,同时也展现出了IPSec VPN良好的研究应用价值和开发前景。21493 毕业论文关键字:Linux;虚拟专用网络;IPSec;网关;xl2tp
Linux VPN gateway platform based on IPSec protocol
Abstract: Internet Protocol Security (IPsec) is a set of protocols which sit on top of the Internet Protocol (IP) layer, it is used to build virtual tunnels, commonly known as Virtual Private Networks (VPNs). A virtual private Network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.
In this topic, the thesis simply introduced the background and principle of IPSec VPN, and then introduced the concrete steps to implement VPN gateway and the function of VPN gateway. Linux system, the free, open source platform was used for VPN gateway in the topic. The VPN server was set up on a Linux system to act as the VPN gateway and adopted xl2tp protocols for data transmission, and then another Linux system was used to build web and FTP service to act as a private network. Finally a Windows system was built to act as the host of the public network, achieving access to web and FTP service of the private network by dialing directly connected to the VPN gateway. This topic successfully showed the good security, powerful network function and high performance of management, it also showed that IPSec VPN is valuable in advanced research and development.
Keywords: Linux; VPN; IPSec; gateway; xl2tp
目录
摘要 i
Abstract i
目录 iii
1 绪论 1
1.1 基于IPSEC 协议的VPN 概述 1
1.1.1 IPSec VPN的定义 1
1.1.2 IPSec VPN的优缺点 2
1.2 VPN的发展趋势 4
1.3 IPSEC VPN的基本原理 5
1.3.1 IPSec的基本原理 5
1.3.2 VPN的基本原理 5
2 IPSec VPN系统的实现过程及具体设计 7
2.1 IPSEC协议的实现 7
2.2 VPN的实现 8
2.3 本次课题的基本实现功能及简要说明 9
2.3.1 本次课题的网络拓扑图 9
2.3.2 本次课题实现的基本流程和功能 10
3 基于IPSec VPN的Linux网关平台的实现 11