Virtual Private Networks (VPNs) have been evolving for several years, and by now have reached maturity. IPsec protocol has played a significant role in this evolution. In fact, IPsec has become the de facto standard for VPN implementation, and the majority of VPN implementations are on IPsec. This chapter focuses on the details of the IPsec protocol to give you a fundamental understanding of the protocol itself, and to give you a foundation for Chapters 7 and 8, "Troubleshooting IPsec VPN on PIX Firewalls" and "Troubleshooting IPsec VPNs on VPN 3000 Series Concentrators." The troubleshooting section of this chapter focuses primarily on IOS implementation, and toward the end of the chapter, the section entitled "Common Problems and Resolutions" discusses common IPsec interoperation issues, such as Network Address Translation (NAT), firewalls, and so on, which are primarily for IOS routers but also apply to other products.