Dynamic Tunnel

When using IPSec dynamic tunnels, encryption keys are dynamically created, periodically refreshed, and managed by Internet Key Exchange (IKE) daemons.

Phase 1 dynamic tunnels encrypt the communications between the two IKE daemons represented by the [icon: Network Configuration Assistant screen capture] icon. The IP traffic that flows between the IKE daemons creates and manages the encryption keys used by the Phase 2 dynamic tunnels.

Phase 2 dynamic tunnels encrypt the intended IP traffic traveling between the two data endpoints represented by the [icon: Network Configuration Assistant screen capture] icon. For example, to encrypt FTP traffic using an IPSec dynamic tunnel:
  1. A Phase 1 dynamic tunnel is first established between the local and remote IKE daemons.
  2. The data that traverses the Phase 1 dynamic tunnel creates the encryption keys used to encrypt the FTP traffic.
  3. A Phase 2 dynamic tunnel is then established to encrypt the FTP traffic. The FTP traffic is encrypted and decrypted using the keys created from the traffic on the Phase 1 dynamic tunnel.
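
The key hierarchy behind the three steps above, as an added example (not from the original page or the product it describes). It assumes IKEv1-style key derivation (RFC 2409) with pre-shared-key authentication, HMAC-SHA-256 as the PRF with no key expansion, and a toy Diffie-Hellman group; `IkeDaemon`, `negotiate` and all sample values are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group for illustration only (assumption): a real IKE
# daemon negotiates a standardized MODP or elliptic-curve group.
P = 2**127 - 1
G = 3

def prf(key: bytes, data: bytes) -> bytes:
    """Keyed PRF; HMAC-SHA-256 is an assumption made for this example."""
    return hmac.new(key, data, hashlib.sha256).digest()

class IkeDaemon:
    """One IKE daemon's view of the negotiation (hypothetical class)."""
    def __init__(self, psk: bytes):
        self.psk = psk
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)
        self.cookie = secrets.token_bytes(8)
        self.nonce = secrets.token_bytes(16)

    def phase1(self, peer_pub, ni, nr, cky_i, cky_r):
        """Phase 1: derive SKEYID_d, the root secret for all Phase 2 keys."""
        shared = pow(peer_pub, self.priv, P).to_bytes(16, "big")
        skeyid = prf(self.psk, ni + nr)  # pre-shared-key authentication
        self.skeyid_d = prf(skeyid, shared + cky_i + cky_r + b"\x00")

    def phase2_keymat(self, spi, ni2, nr2, protocol=b"\x03"):  # 3 = ESP
        """Phase 2: keying material for one IPSec SA (no PFS exchange)."""
        return prf(self.skeyid_d, protocol + spi + ni2 + nr2)

def negotiate(psk_local=b"constructed-psk", psk_remote=b"constructed-psk"):
    """Run Phase 1 once, then Phase 2 twice: initial keys and one refresh.

    Returns [(local_key, remote_key), ...] so callers can compare both ends.
    """
    local, remote = IkeDaemon(psk_local), IkeDaemon(psk_remote)
    for daemon, peer in ((local, remote), (remote, local)):
        daemon.phase1(peer.pub, local.nonce, remote.nonce,
                      local.cookie, remote.cookie)
    keys = []
    for _ in range(2):  # each Phase 2 negotiation uses a new SPI and nonces
        spi, ni2, nr2 = (secrets.token_bytes(n) for n in (4, 16, 16))
        keys.append((local.phase2_keymat(spi, ni2, nr2),
                     remote.phase2_keymat(spi, ni2, nr2)))
    return keys
```

Both daemons arrive at the same data key without ever sending it, and the refresh yields a different key from the same Phase 1 secret; a mismatched pre-shared key makes the two ends disagree.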

Host to Host topology

[Figure: Network Configuration Assistant screen capture]

Host to Gateway topology

[Figure: Network Configuration Assistant screen capture]