Shulou(Shulou.com)06/03 Report--

This article mainly introduces "what are the specific requirements of the tunnel agent IP". In the daily operation, I believe many people have doubts about the specific requirements of the tunnel agent IP. The editor consulted all kinds of materials and sorted out a simple and easy-to-use method of operation. I hope it will be helpful to answer the doubts of "what are the specific requirements of the tunnel agent IP?" Next, please follow the editor to study!

Because the layer 2 tunneling protocol (PPTP and L2TP) is based on the perfect PPP protocol, it inherits the complete features.

1. User confirmation.

Layer 2 tunneling protocol inherits the method of user authentication of PPP protocol. Many layer 3 tunneling techniques assume that the two endpoints of the tunnel are known to each other or have been verified before the tunnel is created. The ISAKMP negotiation of the IPSec protocol provides mutual authentication between tunnel endpoints, which is an exception.

2. Token card (card) support.

Using the extended authentication protocol (EAP), the layer 2 tunneling protocol can support a variety of authentication methods, including one-time password (one-timepassword), encryption calculator (cryptographiccalculator), smart card and so on. Layer 3 tunneling protocols also support the use of similar methods. For example, the IPSec protocol can determine the validity of public key certificates through ISAKMP/Oakley negotiation.

3. Dynamically assign addresses.

Layer 2 tunneling protocol supports dynamic allocation of user addresses based on the negotiation mechanism of Network Control Protocol (NCP). Layer 3 tunneling protocols usually assume that addresses are assigned before the tunnel is established. The address allocation mechanism in the current IPSec tunnel mode remains to be improved.

4. Data compression. The second-level tunnel protocol supports data compression based on PPP mode.

Microsoft's PPTP and L2TP, for example, use Microsoft's (MPPE) peer-to-peer encryption protocol. In the layer 3 tunneling protocol, IETP also uses a similar data compression mechanism.

5. Data encryption.

Layer 2 tunneling protocol supports PPP-based encryption mechanism. Microsoft's PPTP scheme supports MPPE selection based on the RSA/RC4 algorithm. Layer 3 tunneling protocols can use similar methods, for example, IPSec determines some optional data encryption methods through ISAKMP/Oakley negotiation. The L2TP protocol uses Microsoft's IPSec encryption technology to protect data flow between tunnel clients and servers.

6. Key management.

MPPE is a layer 2 protocol that relies on the key generated during user authentication and is updated periodically. During the ISAKMP exchange, the IPSec publicly negotiates the public key and updates it periodically.

7. Multi-protocol support.

Layer 2 tunneling protocol supports multiple payload data protocols, so tunnel users can access multiple protocols, such as IP, IPX, NetBEUI and other enterprise networks. Layer 3 tunneling protocols such as IPSec tunnel mode can only support target networks using IP protocol.

At this point, the study on "what are the specific requirements of tunnel agent IP" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.