VPN technologies are reviewed

1.4 THESIS OUTLINE The rest of this thesis is organized as follows: • Chapter 2 introduces an overview of VPN together with its history and classifications. Then some of the concurrent VPN technologies are reviewed and compared, suggesting why L2TP/IPsec technology is a better choice to focus on. • Chapter 3 introduces the key concepts of different  versions of Mobile IP and analyses the drawbacks of MIPv4 and MIPv6. The possibility to use Mobile IP to transfer packets as a part of VPN without double tunneling is also discussed in this chapter. • Chapter 4 introduces L2TP and identifies its benefits over similar protocols. The detailed analysis of L2TP packet structure and tunnel establishment as well as its implementation in UNIX (FreeBSD) is also presented.• Chapter 5 overviews IPsec and presents tunnel establishment and packet protection procedures in detail. Then IPsec architecture and its implementation in FreeBSD are explained. Finally the differences between Microsoft Windows IPsec and UNIX IPsec are discussed. • Chapter 6 presents a case for using L2TP/IPsec tunnels, and discusses details of L2TP/IPsec tunnels including packet structure, tunnel establishment and tunnel authentication. Finally, different solutions of the L2TP/IPsec tunnel are proposed and compared. The loopback interface solution is chosen to create the L2TP/IPsec tunnel in FreeBSD (UNIX) in this thesis. • Chapter 7 proposes a detailed solution to handle the mobility problem in the L2TP/IPsec tunnel. This chapter also analyses and discusses the security and the performance of the new solution. Chapter 1:  Introduction  Page 6 © 2009 Chen Xu  Page 6 • Chapter 8 presents simulation experiments to validate the proposed solution discussed in the previous chapter. VMWARE software is introduced in this chapter and is used for the simulation. The experiment result is shown and analysed, and compared with four concurrent studies on VPN mobility support.  • In chapter 9, the same theory is proved on real devices (a wireless LAN). The VPN handoff time is fully discussed in this chapter and the experiment result is measured and analysed. Some suggestions are also proposed to further reduce the VPN handoff time.  • Chapter 10 concludes the thesis with future work listed.