AWS Certified Solutions Architect - Professional
  • AWS Certified Solutions Architect - Professional
  • Accounts & Permissions
    • AWS Organizations
    • Service Control Policies
    • Security Token Service
    • Permissions Boundaries
    • Permissions Evaluation
    • AWS Resource Access Manager
    • Service Quotas
  • ADVANCED IDENTITIES & FEDERATION
    • SAML2.0 Identity Federation
    • IAM Identity Center
    • Amazon Cognito
    • Amazon Workspaces
    • Directory Service
    • AWS Control Tower
  • NETWORKING & HYBRID
    • Private and Public AWS Services
    • DHCP In a VPC
    • VPC Router
    • Stateful vs Stateless Firewalls
    • Network Access Control Lists
    • Security Groups
    • AWS Local Zones
    • Border Gateway Protocol
    • AWS Global Accelerator
    • IPSec VPN
    • Site2Site VPN
    • Transit Gateway
    • VPC Routing
    • Accelerated Site-to-Site VPN
    • AWS Client VPN
Powered by GitBook
On this page
  1. NETWORKING & HYBRID

IPSec VPN

Last updated 4 hours ago

  • A protocol suite used to secure data sent over IP networks.

  • Encrypts and authenticates the communication between two endpoints (like AWS and on-premises).

⚙️ IPSec VPN Negotiation Phases

  • Phase 1:

    • Establishes a secure channel between the two participants.

    • Negotiates a shared secret and sets up the IKE (Internet Key Exchange) session.

  • Phase 2:

    • Negotiates the IPSec Security Association (SA).

    • Defines how actual traffic will be encrypted and authenticated through the tunnel.

🧠 Quick Summary

Phase
Purpose

Phase 1

Create a secure channel for negotiating security settings

Phase 2

Establish encryption/authentication rules for traffic