Crypto IP Encapsulation
CIPE ( C rypto IP E ncapsulation ) is a project in which a protocol and implementation of virtual private networks ( VPN is developed).
CIPE tries to make the implementation of such VPNs as easy as possible. While approaches such as IPsec are developing new protocols to replace the conventional ones for the purpose of tap-proof communication via networks , CIPE uses the existing UDP protocol to transport data over the network .
In the simplest variant, CIPE creates a virtual network interface with the help of a kernel module , via which programs can then communicate as usual. This interface does not send the data directly over the network, but rather encrypts them and then sends them using UDP over a real network interface. With the communication partner, the virtual interface is also switched between the real network interface and the corresponding program so that the data can be decrypted again here. In this way, the will encryption related complexity completely hidden from the communicating programs.
The packing of one communication channel into another - as CIPE does - is called tunneling . Compared to other tunneling approaches, CIPE is easy to install. In contrast to IPsec, it is based on UDP over IP . Other protocols usually use other IP protocols such as GRE or L2TP . Firewalls can possibly get problems with other IP protocols than UDP or TCP due to incorrect implementation . Another advantage of UDP over lower-level protocols is that there are established methods for converting addresses for NAT environments.
Other common technologies and programs for building VPNs are PPTP , IPsec , L2TP, and OpenVPN
With the increasing performance of OpenVPN , CIPE must now be viewed as obsolete. Patches are still being added here and there to ensure functionality under newer kernels, but no further development takes place. Clients for Windows XP or Vista do not exist; supported operating systems from Microsoft are Windows NT4 and 2000.