Ports in IPSec tunnel

ipsec

I'm trying to draw the packets in a network that uses an IPSec tunnel for security. More specifically: a laptop user using a public access point wants to query Google through an IPSec tunnel to a home PC. I'm trying to draw the packet between the laptop and the public access point.

If I understand it correctly the packets will have the following layout:

MacTo – MacFrom – IPSource – IPDestination – SourcePort – DestinationPort – [Encrypted source IP – Encrypted destination IP – Encrypted source port – Encrypted destination port – data]

in which the encrypted packet is placed between the brackets.

I'm wondering how to fill in the ports in this setting.

  • SourcePort: I assume just a random port of the laptop.
  • DestinationPort: I assume this is the port of the IPSec gateway service.
  • Encrypted source port: Is this the same as SourcePort? Is this port modified by the IPSec gateway before the packet is forwarded to Google?
  • Encrypted destination port: 80 (http for the Google request)

Can anyone confirm if my assumptions are correct or indicate how I should fill in "Encrypted source port"?

Thanks in advance

Best Answer

IPSEC has no ports. In IPv4 IPSEC, or to be more precise AH (authentication header) and ESP (encapsulation security payload), are two IP protocols just like TCP and UDP. In IPv6 IPSEC is part of the protocol and there are two extension headers, one for authentication and one for encryption.

The only thing that has something to do with ports is the IKE (Internet Key Exchange) protocol, which uses UDP 500 or 4500.
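To make the answer's point concrete, here is an added example (not part of the original question or answer) that decodes the outer IPv4 header of a few constructed sample packets as they would appear between the laptop and the access point: ESP and AH carry an SPI and sequence number rather than ports, only IKE on UDP 500/4500 has ports, and with NAT traversal (RFC 3948) ESP rides inside UDP 4500, where the ports belong to the UDP wrapper. The addresses, SPIs and packet contents are constructed.

```python
import struct

# IP protocol numbers the answer refers to (constructed demo, not from the original post)
IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ESP, IPPROTO_AH = 6, 17, 50, 51
IKE_PORTS = {500, 4500}                # IKE, and IKE/ESP with NAT traversal
NON_ESP_MARKER = b"\x00\x00\x00\x00"  # RFC 3948: marks IKE rather than ESP on UDP 4500

def describe(packet: bytes) -> dict:
    """Decode the outer IPv4 header and report what (if anything) carries ports."""
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    payload = packet[(ver_ihl & 0x0F) * 4:total_len]
    info = {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "proto": proto, "ports": None, "spi": None, "ike": False}
    if proto == IPPROTO_ESP:
        # ESP header: SPI, sequence number, then the encrypted inner packet.
        # The inner IP header and the TCP ports are inside the ciphertext, invisible here.
        info["spi"], info["seq"] = struct.unpack("!II", payload[:8])
    elif proto == IPPROTO_AH:
        # AH header: next header, payload length, reserved, SPI, sequence number.
        _, _, _, info["spi"], info["seq"] = struct.unpack("!BBHII", payload[:12])
    elif proto in (IPPROTO_TCP, IPPROTO_UDP):
        sport, dport = struct.unpack("!HH", payload[:4])
        info["ports"] = (sport, dport)
        if proto == IPPROTO_UDP and dport in IKE_PORTS:
            body = payload[8:]  # skip the 8-byte UDP header
            if dport == 4500 and body[:4] != NON_ESP_MARKER:
                # NAT-T: ESP wrapped in UDP; the ports belong to the wrapper, not to IPsec
                info["spi"], info["seq"] = struct.unpack("!II", body[:8])
            else:
                info["ike"] = True
    return info

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (constructed addresses, checksum left zero)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0x4000, 64,
                      proto, 0, bytes([10, 0, 0, 2]), bytes([203, 0, 113, 1]))
    return hdr + payload

# Constructed sample packets as seen between the laptop and the access point
ESP_PACKET = ipv4(IPPROTO_ESP, struct.pack("!II", 0x1234ABCD, 7) + b"\x00" * 32)
IKE_PACKET = ipv4(IPPROTO_UDP, struct.pack("!HHHH", 500, 500, 8 + 28, 0) + b"\x00" * 28)
NATT_PACKET = ipv4(IPPROTO_UDP, struct.pack("!HHHH", 4500, 4500, 8 + 40, 0)
                   + struct.pack("!II", 0xDEADBEEF, 1) + b"\x00" * 32)
HTTP_PACKET = ipv4(IPPROTO_TCP, struct.pack("!HH", 51234, 80) + b"\x00" * 16)

if __name__ == "__main__":
    for name, pkt in [("ESP", ESP_PACKET), ("IKE", IKE_PACKET),
                      ("NAT-T", NATT_PACKET), ("TCP", HTTP_PACKET)]:
        print(name, describe(pkt))
```

Only the plain TCP packet (the case without any tunnel) exposes the HTTP ports on the wire; in the tunnelled cases the laptop's outer packet shows either no ports at all or only the IKE/NAT-T UDP ports.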