IPsec Packet Flow - Securing the Network in Oracle® Solaris 11.2

Securing the Network in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Securing the Network in Oracle^® ... » About IP Security Architecture » IPsec Packet Flow

Updated: August 2014

Securing the Network in Oracle^® Solaris 11.2

Document Information

Using This Documentation

Chapter 1 Using Link Protection in Virtualized Environments

Chapter 2 Tuning Your Network

Chapter 3 Web Servers and the Secure Sockets Layer Protocol

Chapter 4 About IP Filter in Oracle Solaris

Chapter 5 Configuring IP Filter

Chapter 6 About IP Security Architecture

Chapter 7 Configuring IPsec

Chapter 8 About Internet Key Exchange

Chapter 9 Configuring IKEv2

Chapter 10 Configuring IKEv1

Chapter 11 Troubleshooting IPsec and Its Key Management Services

Chapter 12 IPsec and Key Management Reference

Network Security Glossary

Language:

IPsec Packet Flow

Figure 6–1 shows how an IP packet proceeds when IPsec has been invoked on an outbound packet. The flow diagram illustrates where authentication header (AH) and encapsulating security payload (ESP) entities can be applied to the packet. Subsequent sections describe how to apply these entities, as well as how to choose the algorithms.

Figure 6–2 shows the IPsec inbound process.

Figure 6-1 IPsec Applied to Outbound Packet Process

image:Flow diagram shows that the outbound packet is first protected by ESP, and then by AH. The packet then goes to a tunnel or a physical interface.

Figure 6-2 IPsec Applied to Inbound Packet Process

image:Flow diagram shows that IPsec first processes the AH header, then the ESP header on inbound packets. A packet that is not protected enough is dropped.

Copyright © 1999, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices