Encrypting network traffic using IPsec


Whenever we send any data over a network of any kind, private or public, wired or wireless, that data is vulnerable to both interception and modification unless steps are taken to ensure the security and authenticity of said data. This document examines how we can use the Internet Protocol Security Extensions, or IPsec as it is more commonly known, to provide end-to-end encryption services providing security against interception, modification and replay.

In addition to documentation on how to use the setkey application and racoon daemon to provide security between peers on a Local Area Network (LAN) using IPsec in transport mode we shall also examine how to use IPsec in tunnel mode to create a Virtual Private Network (VPN) to transparently connect two networks together over the Internet.