• <var id="czqhk"></var>
  • <label id="czqhk"><rt id="czqhk"></rt></label>
  • <code id="czqhk"><label id="czqhk"></label></code>

    畢業論文-基于GRE-over-IPsec-VPN設計與仿真 下載本文

    摘 要

    人類社會已經進入21世紀,計算機信息網絡已深入到世界的各個角落,地域、國家、政府、企業甚至家庭。計算機網絡的飛速發展給人來帶來了諸多便利,而然其潛在的網絡信息安全威脅也彌漫在各個領域。

    本課題設計與論述的是關于網絡安全中常用的一種技術——虛擬專用網(VPN)技術。該技術的主要作用:將不在同一區域的內網之間,通過在互聯網中建立一種安全隧道,使得內網數據流安全地穿越互聯網,而不被外網用戶獲悉,從而保證內網之間的數據通信安全地穿越互聯網。

    本課題所探討的VPN技術則是建立在GRE over IPSec技術之上,并通過合肥百大集團的網絡拓撲對其進行設計與仿真。

    GRE over IPSec VPN技術是通過GRE與IPSec相結合,而形成的一種安全性更好VPN技術,其主要借用IPSec的安全加密和GRE支持多播的優點,從而使得VPN網絡更加安全。該項技術的主要工作原理:將一個完整的組播、廣播數據包或非IP數據包封裝在一個單播數據包(IPSEC)里,以處理如OSPF的組播或 RIP的廣播數據流,以完成在IPSec隧道里通信實體之間的動態路由學習。

    關鍵字:網絡安全,VPN,IPSec,GRE,動態路由協議(具體是OSPF協議)

    I

    Abstract

    The human society has entered the 21st century, and the computer information network has penetrated every corner of the world, regional, state, government, businesses and even families. The rapid development of computer networks has brought much convenience to people, and then the potential security threat network information filled in the various fields.

    Design and discussion of the topic is about a kind commonly used in network security technologies - virtual private network (VPN) technology. The main function of the technology: the network is not within the same region between the Internet by establishing a secure tunnel so that data flows within the network through the Internet safely without the user was informed by external network, thus ensuring the network between secure data communications through the Internet.

    The topics are discussed in VPN technology is built on top of GRE over IPSec technology, and through Hefei Baida Group to design their network topology and simulation.

    GRE over IPSec VPN technology is through the combination of GRE and IPSec, and the formation of a better VPN security technology, its main borrowing GRE IPSec encryption and security advantages of multicast support, which makes the network more secure VPN. The main working principle of the technology: a complete multicast, broadcast packets or IP packets are encapsulated in a unicast packet (IPSEC) in order to deal with, such as OSPF or RIP broadcast multicast data streams to complete the communication entities in the IPSec tunnel between the dynamic routing study.

    Keywords: Network Security, VPN, IPSec, GRE, Dynamic Routing Rrotocols (specifically,

    the OSPF protocol)

    II

    目 錄

    摘 要 .......................................................................................................................................... I Abstract .......................................................................................................................................... II 第一章 網絡安全與VPN簡介 ..................................................................................................... 1

    1.1網絡安全簡介 .................................................................................................................... 1 1.2 VPN技術簡介 ................................................................................................................... 2 第二章 GRE over IPSec VPN相關技術描述............................................................................... 5

    2.1 GRE隧道協議 ................................................................................................................... 5 2.2 IPSec概述 .......................................................................................................................... 6 2.3 AH和ESP ......................................................................................................................... 9 2.4 IKE協議 .......................................................................................................................... 12 第三章 系統VPN分析與概要設計 ........................................................................................... 17

    3.1系統VPN需求分析 ........................................................................................................ 17 3.2系統VPN規劃與概要設計 ............................................................................................ 18 3.3系統VPN規劃與概要設計 ............................................................................................ 20 第四章 GRE over IPSec VPN相關技術分析............................................................................. 22

    4.1 GRE基本配置與分析 ..................................................................................................... 22

    4.1.1 配置網絡環境 ....................................................................................................... 22 4.1.2 配置GRE VPN ..................................................................................................... 23 4.2 IPSec基本配置與分析 .................................................................................................... 24

    4.2.1 IPSec VPN基本配置步驟 ..................................................................................... 24 4.2.2 IPSec VPN安利配置與分析 ................................................................................. 26 4.3 IPSec over GRE VPN和GRE over IPSec VPN基本配置與分析 ................................ 36

    4.3.1 IPSec over GRE VPN配置與分析........................................................................ 36 4.3.2 GRE over IPSec VPN配置與分析........................................................................ 42 4.3.3 GRE over IPSec VPN與IPSec over GRE VPN的區別 ...................................... 46

    第五章 基于GRE over IPsec VPN設計與仿真的實現 ............................................................ 47

    5.1 GRE over IPsec VPN配置與實現 .................................................................................. 47 5.2 查看本系統GRE over IPsec VPN配置文件 ................................................................ 54 5.3 網絡系統調試與分析 ..................................................................................................... 59 結 論 ....................................................................................................................................... 66

    一、技術要點和難點 ............................................................................................................ 66

    (一)技術要點 ............................................................................................................. 66 (二)技術難點 ............................................................................................................. 69 二、設計中遇到的問題 ........................................................................................................ 71

    III

    三、畢業設計總結 ................................................................................................................ 73

    (一)個人體會 ............................................................................................................. 73 (二)專業和技術總結 ................................................................................................. 74 (三)方案總結 ............................................................................................................. 75

    參考文獻 ....................................................................................................................................... 76 致 謝 ....................................................................................................................................... 78 附 錄 ....................................................................................................................................... 79

    IV





    免费的中国黄网站大全-恋母情结浩君全彩漫画-无翼乌之漫画漫画大全-大飞网