IPsec (Internet Protocol Security)
Protocol suite for secure communication over IP networks: encrypts and authenticates IP packets at the network layer (Layer 3)—the foundation for VPNs in corporate networks.
IPsec (Internet Protocol Security) is a suite of protocols that secures IP communication at the network layer (OSI Layer 3) through encryption, authentication, and integrity checking. IPsec forms the basis for site-to-site VPNs and is frequently used for remote access VPNs.
IPsec Core Components
AH (Authentication Header):
- Provides authentication and integrity for IP packets
- No encryption—payload is readable
- Also covers the immutable fields of the IP header
- Rarely used in practice: because the header itself is authenticated, any NAT that rewrites addresses breaks the integrity check
ESP (Encapsulating Security Payload):
- Provides encryption, authentication, and integrity
- Standard protocol for secure IPsec connections
- Protects the IP payload (not the outer header in tunnel mode)
IKE (Internet Key Exchange):
- Handshake protocol for key exchange and SA negotiation
- IKEv1 (deprecated), IKEv2 (RFC 7296; current, recommended)
- IKEv2 offers: faster connection establishment (four messages for the initial exchange), MOBIKE (RFC 4555, keeps the SA alive when a client's IP address changes, e.g. on mobile devices), built-in NAT traversal (UDP encapsulation on port 4500)
IPsec operating modes
Transport Mode:
- Only the IP payload is protected
- IP header remains visible
- Typical use: Host-to-host encryption in a LAN
Tunnel Mode:
- Entire IP packet is encapsulated in a new IP packet and protected
- External IP header shows gateway addresses, not the actual endpoints
- Typical use: Site-to-site VPN, remote access VPN
| Mode | Packet structure |
|---|---|
| Transport Mode | [Original IP Header] → [ESP Header] → [TCP/UDP + Data] → [ESP Trailer] → [ICV] |
| Tunnel Mode | [New IP Header] → [ESP Header] → [Original IP Header + TCP/UDP + Data] → [ESP Trailer] → [ICV] |
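The two layouts above, as an added example that is not part of the original page: it builds and parses ESP packets in transport mode (Next Header 6 = TCP) and tunnel mode (Next Header 4 = IP-in-IP) and enforces the RFC 4303 anti-replay window on the receiving side. ESP with NULL encryption (RFC 2410) and HMAC-SHA-256-128 is used so the framing stays visible and only the standard library is needed; the key, addresses and TCP payload are constructed for the demo.

```python
"""ESP framing in transport and tunnel mode, plus the anti-replay window.

Added example, not from the original page. ESP-NULL with HMAC-SHA-256-128
keeps the layout readable; production SAs use AES-GCM, but the
SPI/sequence/trailer/ICV framing is identical.
"""
import hashlib
import hmac
import socket
import struct

ESP_PROTO = 50                   # IP protocol number for ESP (RFC 4303)
NEXT_HEADER_IPV4 = 4             # tunnel mode: ESP payload is a complete IPv4 packet
NEXT_HEADER_TCP = 6              # transport mode: ESP payload is the TCP segment
ICV_LEN = 16                     # HMAC-SHA-256-128 truncates the 32-byte MAC to 16 bytes
ESP_HDR = struct.Struct("!II")   # SPI, sequence number

# Constructed demo key; a real SA key comes out of the IKE key derivation.
INTEGRITY_KEY = hashlib.sha256(b"constructed demo key, not a real SA key").digest()


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (no options; checksum left at 0 for the demo)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def build_esp(spi: int, seq: int, payload: bytes, next_header: int,
              key: bytes = INTEGRITY_KEY) -> bytes:
    """[SPI | Seq] [payload] [padding | pad length | next header] [ICV]."""
    pad_len = (-(len(payload) + 2)) % 4          # trailer must end on a 4-byte boundary
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    header = ESP_HDR.pack(spi, seq)
    icv = hmac.new(key, header + payload + trailer, hashlib.sha256).digest()[:ICV_LEN]
    return header + payload + trailer + icv


def parse_esp(esp: bytes, key: bytes = INTEGRITY_KEY):
    """Verify the ICV, then strip the trailer. Returns (spi, seq, next_header, payload)."""
    if len(esp) < ESP_HDR.size + 2 + ICV_LEN:
        raise ValueError("ESP packet too short")
    body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP integrity check failed")
    spi, seq = ESP_HDR.unpack_from(body)
    pad_len, next_header = body[-2], body[-1]
    return spi, seq, next_header, body[ESP_HDR.size:len(body) - 2 - pad_len]


class ReplayWindow:
    """RFC 4303 sliding anti-replay window (64 entries by default)."""

    def __init__(self, size: int = 64):
        self.size = size
        self.top = 0          # highest sequence number accepted so far
        self.bitmap = 0       # bit i set => sequence number (top - i) already seen

    def accept(self, seq: int) -> bool:
        if seq == 0:
            return False                      # the first valid sequence number is 1
        if seq > self.top:                    # new high-water mark: slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) if shift < self.size else 1
            self.bitmap &= (1 << self.size) - 1
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size or self.bitmap & (1 << offset):
            return False                      # too old, or already seen (replay)
        self.bitmap |= 1 << offset
        return True


def esp_transport(src: str, dst: str, tcp_segment: bytes, spi: int, seq: int) -> bytes:
    """Transport mode: the original IP header stays outside; ESP wraps only the segment."""
    esp = build_esp(spi, seq, tcp_segment, NEXT_HEADER_TCP)
    return ipv4_header(src, dst, ESP_PROTO, len(esp)) + esp


def esp_tunnel(gw_src: str, gw_dst: str, inner_packet: bytes, spi: int, seq: int) -> bytes:
    """Tunnel mode: the whole original packet is the ESP payload; the new outer
    header carries only the gateway addresses."""
    esp = build_esp(spi, seq, inner_packet, NEXT_HEADER_IPV4)
    return ipv4_header(gw_src, gw_dst, ESP_PROTO, len(esp)) + esp


def decapsulate(packet: bytes, window: ReplayWindow) -> dict:
    """Receiver side: check the outer protocol, verify the ICV, then enforce anti-replay.
    The window is only updated after the ICV verified, so forged sequence numbers
    cannot poison it."""
    if packet[9] != ESP_PROTO:
        raise ValueError(f"not ESP (protocol {packet[9]})")
    spi, seq, next_header, payload = parse_esp(packet[20:])
    if not window.accept(seq):
        raise ValueError(f"replayed or stale sequence number {seq}")
    return {"outer_src": socket.inet_ntoa(packet[12:16]), "outer_dst": socket.inet_ntoa(packet[16:20]),
            "spi": spi, "seq": seq, "next_header": next_header, "payload": payload}


if __name__ == "__main__":
    segment = b"\x00\x50\x1f\x90GET / HTTP/1.0\r\n\r\n"      # constructed TCP-like bytes
    inner = ipv4_header("10.1.0.5", "10.2.0.9", NEXT_HEADER_TCP, len(segment)) + segment
    print("transport:", decapsulate(esp_transport("10.1.0.5", "10.2.0.9", segment, 0x1001, 1), ReplayWindow()))
    print("tunnel:   ", decapsulate(esp_tunnel("203.0.113.1", "198.51.100.1", inner, 0x1002, 1), ReplayWindow()))
```

In the tunnel-mode output the outer header shows only the two gateway addresses; the real endpoints (10.1.0.5, 10.2.0.9) are inside the authenticated ESP payload. Feeding the same packet to the same window twice, or flipping one ICV byte, makes `decapsulate` raise.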
IPsec Use Cases
Site-to-Site VPN: Securely connects two corporate networks via the Internet (e.g., headquarters and branch office). Established between two VPN gateways (firewalls, routers).
Remote Access VPN: Employees securely connect to the corporate network from outside. Client (Windows, macOS, Linux) establishes an IPsec tunnel to the company.
MPLS Security: MPLS separates customer traffic but does not encrypt it; running IPsec over MPLS links adds confidentiality and integrity.
Recommended IPsec Configuration (BSI TR-02102-3)
The BSI recommends the following in Technical Guideline TR-02102-3:
IKEv2 Parameters:
| Parameter | Recommendation |
|---|---|
| Encryption | AES-256-GCM or AES-256-CBC |
| Integrity | SHA-256 or SHA-384 |
| DH group | DH-19 (P-256), DH-20 (P-384), or better |
| Authentication | Certificates (RSA-3072+) or EAP with password |
ESP parameters:
| Parameter | Recommendation |
|---|---|
| Encryption | AES-256-GCM (AEAD: encryption and integrity in one algorithm, no separate HMAC) |
| Replay Protection | Enabled (sliding window over the ESP sequence number) |
| PFS | Always enable (fresh DH exchange for every CHILD_SA rekey, so a later key compromise does not expose earlier traffic) |
Obsolete and insecure:
- DES, 3DES (weak encryption)
- MD5, SHA-1 (weak hashes)
- IKEv1 Main Mode with pre-shared keys in large deployments (the PSK must be selected by peer IP address, which for clients with dynamic addresses forces one shared group key)
- IKEv1 Aggressive Mode with pre-shared keys (the PSK-derived hash is transmitted unencrypted and can be cracked offline)
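A small auditor for the recommended and obsolete algorithm sets above, as an added example that is not part of the original page or of any vendor's tooling. It parses proposal strings in strongSwan's swanctl syntax (e.g. `aes256gcm16-prfsha384-ecp384` for IKE, `aes256gcm16-ecp384` for ESP); that syntax, and the thresholds it applies, are this example's reading of the tables and are assumptions, not the text of the BSI guideline.

```python
"""Audit strongSwan-style IKE and ESP proposal strings against the
algorithm recommendations summarised above.

Added example, not from the original page and not strongSwan's own tooling.
Token spelling follows strongSwan's swanctl proposal syntax (assumed); the
thresholds encode this example's reading of the tables, not the BSI text.
"""
import re
from typing import List, Optional, Tuple

Finding = Tuple[str, str]   # (severity, message); severity is "insecure" or "weak"

AEAD_RE = re.compile(r"^(aes\d+(gcm|ccm)\d*|chacha20poly1305)$")
ENC_RE = re.compile(r"^(aes\d+(cbc|ctr)?|camellia\d+(cbc|ctr)?|3des|des|null)$")
INTEG_RE = re.compile(r"^(sha\d+(_\d+)?|md5|aesxcbc|aescmac)$")
PRF_RE = re.compile(r"^prf(sha\d+|md5|aesxcbc|aescmac)$")
DH_RE = re.compile(r"^(modp\d+(s\d+)?|ecp\d+(bp)?|curve25519|curve448)$")

OBSOLETE = {                      # tokens the page lists as obsolete or insecure
    "des": "DES", "3des": "3DES", "null": "NULL encryption",
    "md5": "MD5", "sha1": "SHA-1", "prfmd5": "MD5 PRF", "prfsha1": "SHA-1 PRF",
}


def _aes_key_bits(token: str) -> Optional[int]:
    m = re.match(r"^aes(\d+)", token)
    return int(m.group(1)) if m else None


def _check_dh(token: str, findings: List[Finding]) -> None:
    m = re.match(r"^(modp|ecp)(\d+)", token)
    if not m:                     # curve25519 / curve448 need no size check here
        return
    family, bits = m.group(1), int(m.group(2))
    if family == "modp" and bits < 2048:
        findings.append(("insecure", f"{token}: MODP group below 2048 bits"))
    elif family == "modp" and bits < 3072:
        findings.append(("weak", f"{token}: prefer DH-19/DH-20 (P-256/P-384) or MODP >= 3072 bits"))
    elif family == "ecp" and bits < 256:
        findings.append(("insecure", f"{token}: ECP group below 256 bits"))


def audit_proposal(proposal: str, kind: str) -> List[Finding]:
    """Return findings for one proposal; kind is "ike" or "esp". Empty list = compliant."""
    if kind not in ("ike", "esp"):
        raise ValueError("kind must be 'ike' or 'esp'")
    findings: List[Finding] = []
    roles = {"aead": 0, "enc": 0, "integ": 0, "prf": 0, "dh": 0}
    for token in proposal.lower().split("-"):
        if token in OBSOLETE:
            findings.append(("insecure", f"{token}: {OBSOLETE[token]} is obsolete"))
        if AEAD_RE.match(token) or ENC_RE.match(token):
            roles["aead" if AEAD_RE.match(token) else "enc"] += 1
            bits = _aes_key_bits(token)
            if bits is not None and bits < 256:
                findings.append(("weak", f"{token}: AES key shorter than the recommended 256 bits"))
        elif INTEG_RE.match(token):
            roles["integ"] += 1
        elif PRF_RE.match(token):
            roles["prf"] += 1
        elif DH_RE.match(token):
            roles["dh"] += 1
            _check_dh(token, findings)
        else:
            findings.append(("weak", f"{token}: unrecognised token, check the spelling"))
    if roles["aead"] == 0 and roles["enc"] == 0:
        findings.append(("insecure", "no encryption algorithm in proposal"))
    if roles["aead"] == 0 and roles["enc"] and roles["integ"] == 0:
        findings.append(("insecure", "non-AEAD cipher without an integrity algorithm"))
    if roles["aead"] and roles["integ"]:
        findings.append(("weak", "AEAD cipher combined with a separate integrity algorithm (redundant)"))
    if roles["dh"] == 0:
        if kind == "ike":
            findings.append(("insecure", "IKE proposal without a DH group"))
        else:
            findings.append(("weak", "ESP proposal without a DH group: no PFS on CHILD_SA rekeying"))
    return findings


def is_compliant(proposal: str, kind: str) -> bool:
    return not audit_proposal(proposal, kind)


if __name__ == "__main__":
    # Constructed sample proposals: a legacy set and a recommended set.
    samples = [("ike", "3des-sha1-modp1024"), ("esp", "aes256gcm16"),
               ("ike", "aes256gcm16-prfsha384-ecp384"), ("esp", "aes256gcm16-ecp384")]
    for kind, prop in samples:
        findings = audit_proposal(prop, kind)
        print(f"{kind:3} {prop:32} -> {'OK' if not findings else ''}")
        for severity, msg in findings:
            print(f"      [{severity}] {msg}")
```

Run it over the `proposals` / `esp_proposals` values of an existing configuration: every "insecure" finding maps to a row in the obsolete list above, and an ESP proposal without a DH group is the most common way PFS silently ends up disabled.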
IPsec Security Risks
Weak PSKs (Pre-Shared Keys): A short or guessable PSK can be recovered by offline brute force once the IKE handshake has been captured; IKEv1 Aggressive Mode is the classic case because the PSK-derived hash travels in the clear.
Unpatched VPN appliances: VPN gateways are highly attractive targets—Fortinet, Cisco, and Palo Alto have had critical vulnerabilities in recent years that were actively exploited.
Lack of MFA for remote access: VPN with username/password alone is not sufficient. MFA (certificate + OTP or FIDO2) is best practice.
Split tunneling risks: With split tunneling only corporate traffic is routed through the VPN, so the client is reachable from its local network and the corporate network at the same time; a compromised client then serves as a bridge into the corporate network.
IPsec vs. TLS-VPN vs. WireGuard
| | IPsec | TLS-VPN (SSL-VPN) | WireGuard |
|---|---|---|---|
| Layer | Layer 3 (IP) | Layer 4-7 (TLS over TCP, or DTLS over UDP) | Layer 3 (over UDP) |
| Speed | High | Medium | Very high |
| Configuration effort | High | Medium | Low |
| NAT Traversal | IKEv2: good (NAT-T, UDP/4500) | Very good | Good |
| Audit Complexity | High | Medium | Low (small codebase) |
| Enterprise Adoption | Very high | High | Increasing |