Before delving too deeply into configuration there are a few terms usedthroughout the chapter which require explanation. Other terms are explained inmore detail upon their use in configuration options.
IKE¶
IKE stands for Internet Key Exchange and comes in two different varieties:IKEv1 and IKEv2. Nearly all devices that support IPsec can use IKEv1. Mostmodern implementations also support IKEv2. The newer IKEv2 protocol is anupdated version of IKE that solves some of the difficulties present in theearlier version. For example, IKEv2 has MOBIKE which is a standard for mobileclients that allows them to switch addresses dynamically. It also has built-inNAT traversal and standard mechanisms for reliability similar to DPD. Ingeneral IKEv2 provides a more stable and reliable experience provided both endssupport it sufficiently.
ISAKMP Security Association¶
ISAKMP stands for Internet Security Association and Key Management Protocol. Itgives both parties a mechanism by which they can set up a secure communicationschannel including exchanging keys and providing authentication.
An ISAKMP Security Association (ISAKMP SA or IKE SA) is a one-way policy whichdefines how traffic will be encrypted and handled. Each active IPsec tunnel willhave two security associations, one for each direction. The ISAKMP SecurityAssociations are setup between the public IP addresses for each endpoint.Knowledge of these active security associations is kept in the SecurityAssociation Database (SAD).
Security Policy¶
A security policy manages the complete specifications of the IPsec tunnel. Aswith security associations these are one-way, thus for each tunnel there will beone in each direction. These entries are kept in the Security Policy Database(SPD). The SPD is populated with two entries for each tunnel connection as soonas a tunnel is added. By contrast SAD entries only exist upon successfulnegotiation of the connection.
In pfSense software security policies for policy-based IPsec tunnels controlwhich traffic will be intercepted by the kernel for delivery via IPsec.
Phase 1¶
There are two phases of negotiation for an IPsec tunnel. During phase 1 the twoendpoints of a tunnel setup a secure channel between using ISAKMP to negotiatethe IKE SA entries and exchange keys. This also includes authentication,checking identifiers, and checking the pre-shared keys (PSK) or certificates.When phase 1 is complete the two ends can exchange information securely, butthey have not yet decided which traffic will traverse the tunnel or itsencryption.
Phase 2¶
In phase 2 the two endpoints negotiate how to encrypt and send the data for theprivate hosts based on security policies. This part builds an entry referred toas a “Child SA”. This forms the connection used to transfer data between theendpoints and clients whose traffic is handled by those endpoints. If thepolicies on both side agree and a phase 2 child SA is successfully establishedthe tunnel will be up and ready for use.
Mobile IPsec¶
Mobile IPsec refers to IPsec connections from individual client devices ratherthan site-to-site connections. This is also commonly called a “Road Warrior” or“Remote Access” style VPN.
Th main purpose of a mobile IPsec VPN is for users who are not in the office whoneed to connect back to the main network. Common use cases are for employeesworking from home, sales personnel using Wi-Fi on a business trip, or even theboss from his cabin via LTE modem.
Most of these use cases are forced to deal with dynamic IP addresses, unknown IPaddresses, NAT (regular and Carrier Grade NAT), and other complications. Withouta router or firewall supporting IPsec a traditional IPsec tunnel will not work.
In telecommuting scenarios, it’s usually undesirable and unnecessary to connecta entire home networks to the office network, and doing so can reduce securityand introduce routing complications. This is where IPsec Mobile Clients are mostuseful.
Instead of relying on a fixed address for the remote end of the tunnel, MobileIPsec uses authentication to allow distinguish between authorized users. Forexample, this could be a username and password with IKEv2 and EAP, a per-userIdentifier and Pre-Shared Key pair, or a certificate.