Comunicación IPv4 segura entre áreas universitarias a través de conexiones de internet

Article Sidebar

PDF (Español (España)) HTML (Español (España))
Published: Aug 13, 2025
DOI: https://doi.org/10.22201/dgtic.30618096e.2025.3.3.125
Keywords:
Security, tunnels, GRE, Internet links

Main Article Content

Marcial Martínez Quinto
Dirección General de Cómputo y de Tecnologías de Información y Comunicación, Universidad Nacional Autónoma de México

Abstract

University campi have access to the Internet and RedUNAM through links contracted with Internet service
providers. This network scheme offers direct connection to the Ciudad Universitaria campus with dedicated
private links (LAN-to-LAN and enterprise virtual private network). However, if these direct connections
fail, communication between university campi is interrupted, as DNS service and RedUNAM resources
are lost, resulting in almost complete outage in some locations. The impact of these incidents is mitigated
manually with the intervention of staff from the General Directorate of Computing and Information and
Communication Technologies, through the area responsible for ensuring the continuity of communication to
and from university campi outside Ciudad Universitaria. The need for an automated network scheme to avoid
manual mitigation, which would waste valuable time restoring communication, led to the development of
an alternative connection using the same current operating resources. This would ensure that, even if failures
occur at any time of day, users would not notice the automatic traffic changes. A VPN built over Internet links
that provides security for the information exchanged is the solution proposed in this technical report.

Downloads

Download data is not yet available.

Article Details

How to Cite
Martínez Quinto, M. (2025). Comunicación IPv4 segura entre áreas universitarias a través de conexiones de internet. Cuadernos Técnicos Universitarios De La DGTIC, 3(3). https://doi.org/10.22201/dgtic.30618096e.2025.3.3.125
Issue
Vol. 3 No. 3 (2025): Cuadernos Técnicos Universitarios de la DGTIC
Section
Reportes técnicos
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Este trabajo tiene la licencia CC BY-NC-ND 4.0

Author Biography

Marcial Martínez Quinto, Dirección General de Cómputo y de Tecnologías de Información y Comunicación, Universidad Nacional Autónoma de México

.

References

Amazon Web Services Inc. (s.f.). Requirements and quotas. Why is a /24 the smallest IP range that can be used with BYOIP? https://repost.aws/articles/ARiVYfeM1dS4STKKhkf7LA_Q/why-is-a-24-the-smallest-ip-range-that-can-be-used-with-byoip

Aparicio-Izurieta, V. V. (2022). Segurança IP segura na Internet (IPSEC). Sapienza: International Journal of Interdisciplinary Studies, 3(1), 978–987. https://doi.org/10.51798/sijis.v3i1.278 DOI: https://doi.org/10.51798/sijis.v3i1.278

Cisco Systems Inc. (2016, abril). IP Addressing: NAT Configuration Guide. Recuperado el 9 de abril de 2025 de https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16/nat-xe-16-book/iadnat-cgn.html

Cisco Systems Inc. (2020, octubre). Next Generation Cryptography. Recuperado el 8 de abril de 2025 https://sec.cloudapps.cisco.com/security/center/resources/next_generation_cryptography

Cisco Systems Inc. (2023, mayo). Resolve IPv4 Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPsec. Recuperado el 9 de abril de 2025 de https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html

Cisco Systems Inc. (2024, abril). Understand IPsec IKEv1 Protocol. Recuperado el 8 de abril de 2025 de https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/217432-understand-ipsec-ikev1-protocol.html

Hadood, A. K. M. (2024). Implementation of Site to Site IPsec VPN Tunnel using GNS3 Simulation. International Journal for Research in Applied Science & Engineering Technology (IJRASET), 12(11), 2302–2307. https://doi.org/10.22214/ijraset.2024.65635 DOI: https://doi.org/10.22214/ijraset.2024.65635

Internet Engineering Task Force. (IETF, septiembre 1993). Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy. https://www.rfc-editor.org/rfc/rfc1519.html#page-9

Internet Engineering Task Force. (IETF, octubre 1994a). Generic Routing Encapsulation (GRE). https://www.rfc-editor.org/rfc/rfc1701.html

Internet Engineering Task Force. (IETF, mayo 1994b). The IP Network Address Translator (NAT). https://www.rfc-editor.org/rfc/rfc1631.html#page-2

De Almeida, F. M. (2024). O universo das ciências exatas e da terra: teoria e aplicações 2. Brasil: Atena Editora. DOI: https://doi.org/10.22533/at.ed.916242911

Salman, F. A. (2017). Implementation of IPsec-VPN Tunneling using GNS3. Indonesian Journal of Electrical Engineering and Computer Science), 7(3), 855–860. https://doi.org/10.11591/ijeecs.v7.i3.pp855-860 DOI: https://doi.org/10.11591/ijeecs.v7.i3.pp855-860

Tanenbaum, A. S. (2011). Computer Networks. Estados Unidos de América: Pearson Education.

The National Cyber Security Centre of United Kingdom (2022, marzo). Using IPsec to protect data. https://www.ncsc.gov.uk/pdfs/guidance/using-ipsec-protect-data.pdf

Universidad Nacional Autónoma de México. (2024, abril). Manual de organización de la Dirección General de Cómputo y de Tecnologías de Información y Comunicación. https://www.tic.unam.mx/wp-content/uploads/2024/05/Manual-de-Organizacio%CC%81n-DGTIC-2024.pdf