Remote Access VPN - Nortel Secure 4134 Configuration

Security — configuration and management

IPsec VPN fundamentals

Remote access VPN

Remote access VPN allows individual users such as telecommuters to
connect to a corporate network. The user's laptop is usually equipped with
a third-party VPN client that allows a policy to be defined so that traffic
destined to the corporate network is protected. When the VPN client detects
an access point to the corporate network, it creates a secure tunnel to the
security gateway (that is, the VPN server) at the corporate headquarters.
Typically, in this application, the IP address of each VPN client is not
known to the VPN server prior to session initiation and therefore cannot be
specified in the server configuration.

The VPN client can initiate the tunnel request to the VPN server using
IKE main mode or aggressive mode. However, in remote access VPN,
main mode with pre-shared key cannot function when there is a NAT in the
middle. In remote-access applications, it is best to assume that there is a
NAT in the middle and to use aggressive mode, which can function with
a NAT in the middle.

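
The difference between the two modes can be seen in how the server picks the pre-shared key. The following is an added example, not taken from the Nortel manual: it follows the RFC 2409 pre-shared-key derivation, assumes HMAC-SHA1 as the prf, and uses constructed key tables, addresses, identities, nonces and payload bytes with hypothetical function names.

```python
import hashlib
import hmac

# Constructed responder key tables (sample values, not from the SR4134 manual).
PSK_BY_IP = {"198.51.100.10": b"branch-office-secret"}    # peers with known addresses
PSK_BY_ID = {"alice@example.com": b"remote-user-secret"}  # remote-access users


def prf(key, data):
    """IKEv1 prf; HMAC-SHA1 is assumed as the negotiated hash."""
    return hmac.new(key, data, hashlib.sha1).digest()


def skeyid(psk, ni, nr):
    """RFC 2409, pre-shared keys: SKEYID = prf(psk, Ni_b | Nr_b)."""
    return prf(psk, ni + nr)


def hash_i(sk, gxi, gxr, cky_i, cky_r, sai, idii):
    """RFC 2409: HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)."""
    return prf(sk, gxi + gxr + cky_i + cky_r + sai + idii)


def pick_psk_main(src_ip):
    """Main mode encrypts the ID payload with keys derived from SKEYID, so the
    responder has only the packet's source address to choose a key by."""
    return PSK_BY_IP.get(src_ip)  # None: no key, the exchange cannot complete


def verify_aggressive(id_i, ni, nr, fields, received_hash):
    """Aggressive mode carries IDii in clear in message 1, so the key is chosen
    by identity and the (translated) source address does not matter."""
    psk = PSK_BY_ID.get(id_i)
    if psk is None:
        return False
    expected = hash_i(skeyid(psk, ni, nr), *fields, id_i.encode())
    return hmac.compare_digest(expected, received_hash)


def demo():
    # Remote user behind a NAT; the server sees 203.0.113.77 (constructed).
    ni, nr = b"\x11" * 16, b"\x22" * 16                  # constructed nonces
    fields = (b"g^xi", b"g^xr", b"CKY-I...", b"CKY-R...", b"SAi")  # stand-in bytes
    user = "alice@example.com"
    sent = hash_i(skeyid(PSK_BY_ID[user], ni, nr), *fields, user.encode())
    return pick_psk_main("203.0.113.77"), verify_aggressive(user, ni, nr, fields, sent)


if __name__ == "__main__":
    print(demo())
```
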
IKE authenticates the VPN server and client. To authenticate the user via
a login and password prompt, Mode configuration is used, and optionally
Xauth.

The SR4134 supports the following SafeNet IPsec clients for remote access
VPN connections.

Figure 9: Remote access

Copyright © 2007, Nortel Networks
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600 01.02 Standard
10.0 3 August 2007
