
Fachbereich 2 IT-Security

Prof. Dr. Martin Kappes (I/II)

Exercise Chapter Virtual Private Networks

Exercise 1:

Describe the following terms briefly in 3-4 sentences.

1. Virtual Private Network

2. RAS

3. Site-to-Site VPN

Exercise 2:

Explain and describe how IPsec works in detail. In your explanation, the terms AH, ESP,
Tunnel Mode and Transport Mode should be addressed. Also, describe what the Sequence
Number in AH and ESP is used for.

Exercise 3:

Explain and describe how OpenVPN works in detail. In your explanation, the terms tun-
device and tap-device should be addressed.

Practical Exercise Chapter Firewalls

Exercise 1:

Use openssl under Linux to set up a certificate authority. Create keys and certificates for
all machines in the reference network. Moreover, create a Diffie-Hellman parameter file.

Exercise 2:

Configure the reference network as in the initial lab exercise.

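[Figure: reference network diagram. Networks: 172.16.2.0/24 (public interconnection
network), 10.2.4.0/24 (institution network), 192.168.1.0/24 (institution network).
Addresses shown: 10.2.4.37, 10.2.4.1, 172.16.2.5, 172.16.2.4, 192.168.1.5, 192.168.1.100.
One node is labelled "Router".]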

All machines in the network must run Linux.

Exercise 3:

Create a site-to-site VPN between 10.2.4.0/24 and 192.168.1.0/24 with IPsec (ESP, tunnel
mode). Using the Java program from the initial lab exercise, observe the traffic in the public
network using Wireshark with and without the VPN. Explain what IP addresses, protocols
and ports show up and why.

Exercise 4:

Create a site-to-site VPN between 10.2.4.0/24 and 192.168.1.0/24 with OpenVPN (tun
device). Using the Java program from the initial lab exercise, observe the traffic in the public
network using Wireshark with and without the VPN. Explain what IP addresses, protocols
and ports show up and why. Which changes are required in the routing tables of the
machines and what happens if you do not make these changes?

Exercise 5:

Compare IPsec and OpenVPN and explain differences and commonalities in what you
observed.

Exercise 6:

Now, create a Remote Access VPN with OpenVPN (tap device) for the 10.2.4.0/24-network:
Run the OpenVPN server on the router of the network. Beforehand, create a tap device and
bridge it with the Ethernet interface into 10.2.4.1/24-network. Set up the OpenVPN client on
192.168.1.100. Using the Java program from the initial lab exercise, observe the traffic in all
networks using Wireshark with and without the VPN. Explain what IP addresses, protocols
and ports show up and why.
