VPN Question 2

[Yehey]

Hi,

I'm what you call a newbie when it comes to VPN. Kinda confused about IPSEC and GRE at the moment. My questions is,
what is the difference between IPSEC and GRE when used in
VPN?

Would also appreciate it if you could discuss how IPSEC and GRE complement each other for better security.


Thanks.

 

[burtsbees]

IPSEC is much more secure than a plain GRE tunnel. A GRE tunnel has no encryption of the data---it just tunnels (encapsulates) the data. IPSEC has an ESP and AH header---it can encrypt with 3DES or better, but 3DES is 96 bits truncated to 55 or something, and encrypted 3 times, for 160 bit triple encryption.
The AH is for authentication of the data (pre-shared keys).

Burt

 

[Yehey]

Thank you Burt for the explanation. One last question, im just wondering why do some VPN setup incorporate both tunneling protocols together?

Thanks

 

[burtsbees]

I imagine they use IPSEC to encrypt the data inside a GRE tunnel, because things like Novell that uses non-IP cannot use IPSEC, because it uses IPX and SPX, and data cannot be carried over a protocol that is not supported.

Burt