We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Link Balancer

How many phases does IPSec have?

  • Type: Knowledgebase
  • Date changed: 8 months ago
Solution #00005438

Scope:
This solution applies to all Barracuda Link Balancers

Answer:
  1. Initial authentication
        a.Shared secret (part of IKE)
        b. LDAP, Digital certificates,etc
  2. Negotiation of VPN parameters
        a. Encryption, key life cycle, etc.
  3. Protection of data
        a.Actual VPN
IPSec has three distinct phases:

In the first phase, initial authentication takes place. Both end points confirm who they are. This process can be done by LDAP, PKI or by exchange of a shared secret, which is a hash of a pre-programmed password. When a shared secret is used, IKE (Internet Key Exchange) handles the negotiation using UDP/500.

In phase Two, the parameters of the VPN are negotiated. The two end points negotiate things like encryption types, security services (ESP or AH or combination) and how often encryption keys are created.
*ESP uses protocol 50 and AH uses protocol 51.

In phase Three the VPN is initialized and data is transferred securely.

Link to this page:
https://campus.barracuda.com/solution/50160000000IP4iAAG