DOI:10.19850/j.cnki.2096-4706.2022.24.017

中图分类号：TP393                                          文献标识码：A                                 文章编号：2096-4706（2022）24-0069-03

Design and Simulation of End-to-End IPSec VPN Experiment Based on eNSP

CHEN Zhanchi, WANG Xiaopin

(Department of Electronics, Software Engineering Institute of Guangzhou, Guangzhou 510990, China)

Abstract: At present, the internet generally uses TCP/IP protocol for basic communication, but TCP/IP itself does not provide security. The data on the progress of internet transmission is easy to be forged, tampered with or peeked at. In particular, the data transmission among different office locations of enterprises or institutions must pass through the internet, so it is more important to protect the security of data transmission. VPN is an extension of the internal network of an enterprise. It can help internal network of remote users, enterprises or the branches of institutions to establish reliable and secure connections, and ensure the safe transmission of data. IPSec VPN can effectively protect the security of IP datagrams. It provides a set of robust security mechanism, which can provide security for IP upper layer protocols. This paper studies the principle of IPSec technology and VPN tunnel, analyzes and uses eNSP simulator to design and implement IPSec VPN network, and tests the network in practice.

Keywords: IPSec; secure transmission; VPN; network experiment; teaching simulation

参考文献：

[1] 龙敏 . 数据加密与信息安全 [J]. 信息与电脑：理论版，2019（1）：230-231.

[2] 乔梁 . 构建 IPSec VPN 网络实现气象数据加密报送 [J].电子技术与软件工程，2016（7）：216.

[3] 赵钊 . 基于 VPN 技术的校园网络安全体系的研究与实现[D]. 西安：西安工业大学，2012.

[4] 邱海彬，李克楠 .IPSEC 密钥交换协议（IKE）在多核处理器上抗 DOS 攻击研究 [J]. 信息技术与信息化，2022（8）：94-97.

[5] 杨洋，花欣，秦培斌，等 . 对 IKE 协议中弱密钥的研究 [J].通信技术，2014，47（10）：1198-1202.

作者简介：陈展翅（1986.10—），男，汉族，广东广州人，助教，硕士研究生，研究方向：嵌入式系统开发。