VPN - Interesting Traffic

In the context of VPNs, "interesting traffic" refers to the data packets that meet specific criteria set in the VPN configuration and therefore should be sent through the VPN tunnel for encryption and secure transmission. This concept is crucial in the setup and operation of VPNs, particularly in scenarios involving site-to-site VPNs or remote access VPNs.

Here are key points to understand "interesting traffic":

  1. Criteria-Based Selection: Interesting traffic is defined based on criteria such as IP addresses, protocols, and port numbers. This is typically configured in the VPN's security policies or access control lists (ACLs).

  2. Traffic Filtering: Only the traffic that matches these criteria is considered interesting and is routed through the VPN tunnel. Other traffic might be routed normally through the standard network paths.

  3. Purpose: The purpose of defining interesting traffic is to ensure that only sensitive or relevant data is encrypted and sent through the secure VPN tunnel, optimizing performance and security.

  4. Example Scenario: In a site-to-site VPN, interesting traffic might include all data packets between the internal networks of two offices. For instance, traffic from the IP range to might be deemed interesting, while traffic to public websites would not be. Another term for this is split tunneling

  5. Configuration Example: In a VPN configuration file or settings, you might see something like:

    access-list 100 permit ip crypto map VPN-MAP 10 ipsec-isakmp match address 100 set peer set transform-set TRANSFORM-SET

    In this example, the access list (ACL) defines the interesting traffic that will trigger the VPN tunnel.

By carefully defining interesting traffic, VPN administrators can ensure that the VPN is used efficiently and only for the intended purposes, thereby enhancing security and performance.