A tunneling protocol is used to move data across networks using a communications protocol. Information flows between devices and networks over the Internet using point-to-point tunneling protocols which are generally divided into two parts having rules of transmission and the actual transmitted data.

Tunneling protocols use encapsulation to transmit a packet with a datagram and another data packet creating a secure tunnel for transmission between two points on any network. Effectively it repackages and hides the data being transmitted with encryption.

  1. Uses
  2. Technical Overview

1) Uses

A variety of protocols use the public network, like the internet, to send private network data by creating a VPN (Virtual Private Network), making its transmissions more secure, especially when using unencrypted data. Popular protocols include IPsec (GPRS tunneling protocol),  SSH (Secure Socket tunneling protocol ), PPTP (Point-to-Point Tunneling Protocol), etc, with each protocol being tailor-made for a specific and different tunneling task/purpose.

Because a datagram is used to hide packets of information, tunneling protocols become tools of immense benefits or misuse too. Poorly configured firewalls are easily overcome by enclosing the blocked protocols within an unblocked protocol to get past the firewall.

Such use/misuse of the tunneling protocols makes tasks like warding off potential attackers difficult. Deep packet inspection uses network infrastructure to look for the datagram, including suspicious behaviour and data, while egress and ingress filtering checks for the destination address. Thus tunneling protocols may pose a potential threat that needs to be blocked and addressed by IT and networking professionals who configure security protocols to be applied to data sent using a known tunnel through a VPN.

Some of the ways to use/misuse tunneling protocols are

  • A tunneling protocol can be used to run the IP-v6 over IP-v4 though it is a foreign protocol and not supported to run over a particular network.
  • It is also used to provide impractical underlying network services, like a corporate network address) to a remote user when the corporate network does not include the user’s physical network address.
  • Users use tunneling to get past a firewall, using an unblocked protocol like HTTP and using the technique of “wrapping” to piggyback/ sneak through the firewall policy.
  • Another way is to use the command/ method of the HTTP CONNECT tunnel wherein the HTTP proxy makes a TCP connection to a specific server when the client issues the HTTP CONNECT command to the proxy server on HTTP. This security hole is exploited to relay data between the client connection and the specific port via the HTTP proxy. Normally HTTP proxies allow connections like 443 and restrict access to the CONNECT command for other proxy servers.

2) Technical Overview

Thus, to establish a connection, one needs to understand the tunneling protocol stack, networks, and both sets of protocols applied to delivery and payload.

GRE-Generic Routing Encapsulation is a network layer over network layer example of a tunneling protocol over the IP 47, used to transmit data in IP packets with a private address like RFC 1918, over the Internet. Here both payload and delivery protocols are the same. Yet, the payload address is incompatible with the tunneling protocol of the delivery network.

It is also possible to use the data link layer. 

The L2TP (Layer 2 Tunneling Protocol) is used to transmit data between two nodes using the data-link layer and its frames to establish the connection. Since the tunnel does not possess default encryption, the TCP/IP will decide the security level based on the protocol used.

SSH uses port 22 to provide VPN functionality with payload data encryption when being transmitted over any public network like the internet. 

IPsec provides a Transport Model that is end-to-end and uses the tunneling mode to get past a trusted security gateway when transmitting data.


Thus, the article has explained tunneling protocol, its uses, and its technical overview.

So, have you made up your mind to make a career in Cyber Security? Visit our Master Certificate in Cyber Security (Red Team) for further help. It is the first program in offensive technologies in India and allows learners to practice in a real-time simulated ecosystem, that will give them an edge in this competitive world.



Are you ready to build your own career?