• cisco pix: introduction
  
• cisco pix: introduction cont
  
• cisco pix: basic pix configuration
  
• cisco pix: basic pix configuration cont
  
• cisco pix: tcp, udp, nat, pat, and pd
  

• cisco pix: tcp, udp, nat, pat, and pd 2
  
• cisco pix: tcp, udp, nat, pat, and pd 3
  
• cisco pix: tcp, udp, nat, pat, and pd 4
  
• cisco pix: configuring site to site vpn's
  
• cisco pix: configuring site to site vpn's 2
  

• cisco pix: configuring site to site vpn's 3
  
• cisco pix: configuring site to site vpn's 4
  
• cisco pix: configuring site to site vpn's 5
  
• cisco pix: access control lists and content filtering
  
• cisco pix: access control lists and content filtering 2
  

• cisco pix: access control lists and content filtering 3
  
• cisco pix: object grouping for quick and easy acl's
  
• cisco pix; slightly advanced configuration
  
• cisco pix: slightly advanced configuration 2
  
• cisco pix: slightly advanced configuration 3
  

• computertutorials
  
• computertutorials2
  
• securitytutorials
  
• computertutorials3
  
• computertutorials4
  
• securitytutorials3
  
• securitytutorials4
  

CISCO PIX: CONFIGURING SITE TO SITE VPN'S CONT...

IKE Phase Two
Having successfully authenticated each peer and establishing a secure channel for further communications, IKE Phase One evolves in to Phase Two.

As mentioned phase two can only occur after the IKE SA negotiation has completed. Phase Two’s main purpose is to negotiate mutual policies for non ISAKMP SA’s such as the IPSec SA and to derive the keying material to be used.

Phase Two only has the one mode, called Quick Mode.

Once the secure tunnel has been setup by Phase One, Phase Two negotiates the IPSec parameters to be used such as the various algorithms, Shared Secret keying material etc. It is also used to re-negotiate the a new SA once the predetermined life-span of the current IPSec SA has expired.

IPSec has two main protocols, ESP and AH.

**I will cover the encryption and hashing standards first – if they seem confusing at first it will all become apparent later on when the VPN gets configured**

Encapsulating Security Payload – ESP
ESP is an extensive protocol that provides antireplay services, data authentication and data encryption and is primarily responsible for securelygetting the data from the source to the destination in such a way that the destination host will know if the data has been tampered with hence ensuring that your session can not be effectively hijacked.
ESP is versatile enough to be able to encrypt either just the payload of the packet or the entire data packet and can also authenticate the sender of the data either in conjunction with Authentication Header or on its own.

IPv4 Packet Encrypted with ESP:
_________________________________________________________________________
|IP HEADER | ESP HEADER | TCP INFO | DATA | ESP TRAILER | ESP AUTHENTICATION |
``````````````````` --------- ENCRYPTED BY ESP ---------- ``````````````````````````
the ESP Header and all up to and including the ESP Trailer is Authenticated by ESP

Authentication Header
Authentication Header pretty much does as it names suggests, it authenticates the information that is in the IP Header, or in other words it ensures that the data did originate from where it says it does in the header by means or origin authentication. By doing this is provides antireplay services and prevents your session being hijacked. It may seem similar to ESP but the one glaring difference is that AH does not provide any data encryption, its only purpose is to authenticate the sender.

One major downfall with AH is that it is not compatible with Network Address Translation (NAT). Due to the address translation occurring before the IPSec SA being established, by altering the sending IP address you would cause the AH hash that confirms the sending source to fail.

IPv4 Packet with AH
__________________________________________________________
| IP HEADER | AUTHENTICATION HEADER (AH) | TCP | DATA |
``````````````````````````````````````````````````````````
As you can see no encryption takes place, unlike ESP which encrypts the payload of the packet.

**ESP and NAT is supported by the PIX by way of a fix-up protocol that inspects ESP on a more granular level**

ESP and AH can be configured to use different algorithms to encrypt and hash the data.

**An Encryption Algorithm is used to encrypt the data where as a Hash Algorithm is used to provide data integrity**

The PIX will support the following encryption algorithms:

Data Encryption Standard (DES):
DES is a 56 bit symmetric encryption algorithm. Although it is somewhat outdated now it is included with the PIX for legacy reasons and should not be used if there is another option available. Due to US technology export restrictions it is more commonly used outside the USA.

Triple Data Encryption Standard (3DES):
3DES as it name suggests it three time as strong as DES by way of a 168 bit symmetric cipher which is obtained by encrypting the data three consecutive times using DES. More specifically the data is first encrypted using a 56 bit DES key, then decrypted using another 56 bit DES key and then re-encrypted using yet another 56 bit DES key.

Advanced Encryption Standard (AES)
AES is a symmetric block cipher that encrypts and decrypts the data using cryptographic keys of 128, 192 or 256 bit lengths. The resulting encrypted data is then placed into 128 bit blocks which are combined into cipher block chains.

**Symmetric encryption uses only a single secret key by itself to encrypt and decrypt the data. Asymmetric encryption uses a key pair -- both a public and a private one -- for encryption and is commonly used for Certificates. The sending host uses the receiver's public key to encrypt the data and the receiver uses their private key to decrypt it.**

Message Hashing
A hash algorithm simply talks the message, puts is through an algorithm and creates a fixed length Message Digest (MD) from it. This message digest is then put into another algorithm called a digital signature algorithm which in turn generates a signature (or hash) for the message from the message digest, rather than from the actual message, which reduces the processing time of the message. Should the data be altered even slightly it will massively throw out the message digest (which remember is derived from the original data) and as a knock on affect the signature (or hash) will be invalid.

For the hash to be created at the sending station and then understood at the receiving station both stations must be using the same algorithms.

The PIX will support the following hash algorithms:

Secure Hash Algorithm 1 (SHA -1)
SHA -1 produces 160 bit output and is considered more secure than MD5 for this reason

Message Digest 5 (MD5)
MD5 output is 128 bit. It is considered faster that SHA -1 but less secure.



IPSec Session
Once Phase One and Phase two are established, traffic deemed interesting for the IPSec session will flow through the tunnel in encrypted form. The tunnel is not an ‘always on’ means and will time out after either a predefined time limit is reached or a predefined amount of data has been sent through it.

One of the main weak points with any encrypted service is the amount of data sent in the encrypted form that had been encrypted using the same keysets. The more data that can be collected the easier it may be for the encryption algorithm to become compromised ( you only have to look at WEP for a perfect example of this). For this reason the SA’s established will time out either after a predefined amount of time or a predefined amount of data has been sent through the IPSEC tunnel. When the SA times out IKE performs a whole new Phase Two negotiations and if needs be a new Phase One negotiation. This is done before the current SA times out to prevent any interruption in the data flow.

Just as a quick summary for those who may not have followed it so far:

IKE Phase One provides a low level set of security services via policies/standards that are first negotiated and then mutually agreed upon once common ground has been found. Once this secure channel has been established IPSec can use this secure channel to set up the IPSec Security Association (SA) in Phase Two.

**As mentioned earlier without Phase One there would be no way to verify that the end point in use when you set up the IPSec SA is actually the correct end point and that in fact you are not setting up your IPSec tunnel with an attacker of some kind**

IKE Phase Two is where IKE negotiates the IPSec SA’s parameters via the secure link setup in Phase One and sets up the IPSec ‘tunnel’ between the two peers. This established IPSec SA is what then protects all the resulting traffic that flows between the tunnel end points. IPSec uses IPSec transform sets in the same way IKE uses IKE transform sets. Again just like IKE, if no common transform set can be agreed upon the connection is torn down and the IPSec VPN fails.

Most Cisco products support three methods of IPSec peer authentication:

RSA Signatures (Certificates) - This is considered the preferred method of authentication as it uses digital certificates that are authenticated by an RAS Signature.
Pre-shared Keys – As the name suggests these are manually configured case sensitive keys that must exactly match on both peers.
RSA Encrypted Nonce’s - Cisco appliances can use RSA (Rivest Shamir Adleman) encryption to encrypt a random number (a nonce) that is generated by the peer along with other pre configured values. The PIX does not support this type of authentication at this moment in time.


Certificates and Certification Authorities (CA)
Certificate authorities manage certificate requests, issue the requested certificates once approved and publish Certificate Revocation Lists (CRL’s, pronounced “Crills”). IKE understands X.509v3 certificates that require public keys.

A digital certificate has a public key, which is available publically strangely enough, and is used for the automatic authentication of servers and/or users. The connecting node needs to trust the root CA that issued the certificate for it to accept it. By default the connecting node also needs access to the CRL to check if the certificate has been revoked by the root CA. Some third party CA’s are already trusted for web browsers etc but the PIX will only trust the following third party CA’s:

VeriSign
Microsoft Corporation
Baltimore Technologies
Entrust Corporation

Certificates replace the need for pre-shared keys as they already have a public and private keys as part of the frame work of the certificate.
For certificates to work on the PIX there are four steps to take:
Generate an RSA Key pair

Obtain the CA’s certificate which will have the public key
Using the generated key and the public key obtained by the CA the firewall will then request a signed certificate from the CA
The CA then verifies the request and offers the signed certificate to be published (depending on how the CA is configured this sometimes requires an administrator to manually approve the request)

Pre-Shared Keys
Pre-Shared Keys (PSK) are usually used if you only have a few firewalls to configure and you control all of the firewalls in the VPN configuration, as when you change a PSK on one firewall obviously you will need to change it on the other. PSK’s offer the quickest and easiest way to configure a VPN. A PSK can be up to 128 bytes long and uses alphanumeric characters ( A-Z and 0-9)

Original Tutorial by nokia for TheTAZZone-TAZForum

Originally posted on January 30th, 2007 here

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post...we do not sell, publish, transmit, or have the right to give permission for such...TheTAZZone merely retains the right to use, retain, and publish submitted work within it's Network.