Table of Contents
Advertisement
VPN – New with V5R1
iSeries VPN (Virtual Private Networking) support, introduced in V4R4, is enhanced to provide
additional security, greater reliability, improved performance and is easier to use. Operations
Navigator has been redesigned to intuitively navigate VPN configurations, and you can use
the VPN wizard to setup and implement your network security policy. Digital certificates
provide a scalable and secure mechanism for cryptographic operations. Now in V5R1, you
can use them in your VPN configurations to authenticate the identities of the VPN endpoints.
An integral part of iSeries VPN is IP Packet Filtering. In V5R1, this component is enhanced to
allow filter activation and deactivation on a per-interface basis.
Layer 2 Tunneling Protocol (L2TP)
Layer 2 Tunneling Protocol (L2TP) is an enhanced link protocol that provides a multi-hop
virtual circuit through the Internet. L2TP is also known as "Virtual PPP" since it creates a
virtual circuit at a link layer and then utilizes Point-to-Point Protocol (PPP) to complete the
connection at the network layer. L2TP is typically used in conjunction with Virtual Private
Networks (VPN) to provide a secure connection over the Internet.
The following modes are supported for Layer 2 Tunneling Protocol:
• Remote dial-on-demand (compulsory tunnel): This mode type is to enable the
iSeries to set up an L2TP tunnel between an ISP and your iSeries server. The remote
user would be unaware that any tunneling was occurring. Compulsory tunnels are
ideal, but the ISP of your choice must support this L2TP mode.
• Initiator-on-demand (voluntary tunnel): This mode is to enable the iSeries to
automatically connect to a remote system over an L2TP tunnel. When outbound IP
traffic needs to be routed to a remote system, this iSeries would automatically initiate a
tunnel to connect to the remote system which would act as the L2TP Network Server
(LNS).
• Multi-hop: This mode type enables the iSeries to redirect L2TP traffic on behalf of
client L2TP Access Concentrators (LACs) and L2TP Network Servers (LNSs). To
establish an L2TP Multi-hop connection, this iSeries would act as both an LNS to one
or more LACs at the same time as acting as a LAC to a given LNS.
UDP multicast support is now enabled on iSeries. Applications written using this support can
make better use of the bandwidth thus reducing network costs. This represents another
improvement to the overall TCP/IP enablement package for iSeries which can be accessed
through the industry standard sockets API.
TCP/IP Connectivity Utilities (5722-TC1)
TCP/IP Connectivity Utilities (5722-TC1)
557
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
Table of Contents
