What is an IPsec VPN? (Internet Protocol Security explained)
🔍 Quick answer:
IPsec VPN uses Internet Protocol Security to encrypt and authenticate IP packets. It operates in two modes: tunnel mode (entire packet encrypted) and transport mode (only payload encrypted). Commonly used for site-to-site VPNs.
What is IPsec?
IPsec (Internet Protocol Security) is a suite of protocols designed to secure IP communications. Unlike SSL VPNs that work at the application layer, IPsec works at the network layer, meaning it can protect all traffic without application modifications.
IPsec components:
- Authentication Header (AH): Provides connectionless integrity and data origin authentication
- Encapsulating Security Payload (ESP): Provides confidentiality, data origin authentication, and integrity
- Internet Key Exchange (IKE): Handles key exchange and negotiation
IPsec modes:
Tunnel Mode
Encrypts the entire IP packet. Used for site-to-site VPNs (router to router).
Transport Mode
Encrypts only the payload. Used for end-to-end connections.
IPsec vs SSL VPN
| Feature | IPsec VPN | SSL VPN |
|---|---|---|
| Layer | Network layer | Application layer |
| Setup | Requires client software | Works in browser |
| Use case | Site-to-site, remote access | Web apps, remote access |
💡 Pro tip: IPsec is often used for corporate networks because it works with all applications, not just web browsers.
On this page
Top 3 VPNs 2026 Tested
We earn commission if you purchase through links
Similar questions
Terms you'll meet
- IP address
- Your device's public ID online.
- Encryption
- Scrambling data so only you can read it.
- No‑logs policy
- VPN doesn't store your activity.