07-17-2009 01:13 AM - edited 02-21-2020 04:17 PM
Hello All,
Incase we use tunnle mode IPSEC VPN, I understand that the whole IP packet is encrypted and a new Ip header is added. But which Source IP and destination IP will this new IP packet have is it the Tunnel endpoints IP or will it still have the same LAN source IP? Please help.
Thanks,
Solved! Go to Solution.
07-17-2009 02:49 AM
Prakadeesh
The source and destination IPs in the new IP header will be the tunnel endpoints. This is how you can route between networks using private addressing ie.
private addressing such 172.16.5.0/24 is not routable on the internet. But it doesn't matter because these addresses are hidden from the internet. These addresses are in the IP header of the original packet but not the new IP header.
Obviously for a VPN across the internet the addresses in the new IP header must be routable on the internet.
Jon
07-17-2009 02:49 AM
Prakadeesh
The source and destination IPs in the new IP header will be the tunnel endpoints. This is how you can route between networks using private addressing ie.
private addressing such 172.16.5.0/24 is not routable on the internet. But it doesn't matter because these addresses are hidden from the internet. These addresses are in the IP header of the original packet but not the new IP header.
Obviously for a VPN across the internet the addresses in the new IP header must be routable on the internet.
Jon
07-20-2009 12:03 AM
cool!!! Thanks Jon :)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: