Security Gateway for Accessing IPv6 WLAN

The existing IETF standards specify that the network communications can be protected with IPsec authentication header (AH). However, the current specification didn´t resolve the problem of automatic key management. Even though several solutions have been proposed, such as CGA and ABK, the implementations for IPv6 are still far away from completeness. This paper presents an approach of security gateway to effectively detect the security threats or illegal access attempts to IPv6 WLAN. By taking the advantages of wireless technology for mobility as well as IPv6 features, the security gateway is capable of offering precautionary reports for potential intrusions, attacks, or system vulnerabilities before a global IP being determined. The gateway is composed of traffic collection unit, traffic processing unit, behavior analysis unit, response unit, authentication unit, and policy management unit. With monitoring and analyzing the communication traffic from the managed devices, using the widely available tools from SNMP, ICMP, DHCP, and RADIUS, the security gateway provides an elegant solution to filter most illegal accesses to wireless IPv6 networks