One common technique used to encrypt and authenticate in VPNs is IP security. IP sec is a collection of protocols designed by the IETF( Internet Engineering Task Force) to provide security for a packet carried by the internet. instead it provides a framework and a mechanism it leaves the selection of the encryption authentication method to the user.
IP sec uses an authentication heard. The authentication header is an extra header added to the data packet at the transport layer before the IP header is added.
When an IP datagram carries an authentication header the protocols field sin the IP header changes to a value of 51 show that the datagram carries an AH A field inside the AH defines the original value of eh protocols fields.
IP sec uses a mechanism called encapsulation security payload. ESP first the data packet at the transport layer then adds one extra header and one extra trailer.
The ESP header define the algorism used for encryption. The ESP trailer aligns the packet to the length required by some encryption algorithms. The ESP trailer aligns tains the authentication data for the whole packet excluding the IP header. The value of the protocols fields is 50 in the IP header to indicate the use of ESP.