Q

What does IPv6 mean for IPsec VPNs?

In this Ask the Expert response, VPN expert Rainer Enders discusses what IPv6 means for IPsec VPNs.

What does IPv6 mean for IPsec VPNs?

I think Network Address Translation (NAT), which translates private and public IP addresses, is unnecessary overhead that will go away with IPv6. The elimination of NAT with IPv6 will offer major technical benefits by restoring the end-to-end principal of the Internet. With IPv6, enterprises will also get closer to end-to-end protection since the IPsec tunnel can initiate and terminate on the respective communication nodes; no intermediate...

gateway termination must take place. Additionally, the Authentication Header (AH), a core component of the IPsec protocol, is now an integral part of the connection. AH, which cannot be used in NAT environments, provides source authentication and integrity protection.

Users should make sure that their VPN providers offer true dual-stack IPsec implementations, supporting both IPv4 and IPv6 at the same time. Transport Relay Translator (TRT) nodes, as described by RFC 3142, do not support IPsec across those protocol relays which can pose challenges to VPN network traffic.

Email your VPN-related questions to editor@searchenterprisewan.com.

 

This was first published in November 2011
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchNetworking

SearchUnifiedCommunications

SearchTelecom

SearchSDN

Close