The Vpn Device As A Firewall (With Or Without Nat) - HP Sa3110 - VPN Server Appliance Reference Manual

The VPN Device The VPN Device The VPN Device The VPN Device
as a Firewall as a Firewall as a Firewall as a Firewall
(With or Without (With or Without
(With or Without (With or Without
NAT) NAT) NAT) NAT)
Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450 Network Layout Reference Guide
VPN Device A (No NAT) VPN Device A (No NAT) VPN Device A (No NAT) VPN Device A (No NAT)
Config file entries/routing
info:
security-profile site-to-site
tunnel SanFrancisco
ip route 210.25.129.0
255.255.255.0 205.25.128.2
This scenario shows the following:
• A LAN-to-LAN connection between two VPN devices.
• Each VPN device is directly attached to a router. The routers
connect through the Internet.
• Traffic travels from Router A to Router B. Router B passes
traffic directly through the VPN device.
• The VPN device performs firewall functionality on the traffic
and may or may not use NAT.
• The VPN device B decrypts the VPN traffic before passing it
to the local network.
LAN-to-LAN Scenarios
VPN Device B (No NAT) VPN Device B (No NAT) VPN Device B (No NAT) VPN Device B (No NAT)
Config file entries/routing info:
security-profile site-to-site
tunnel Boston
ip route 205.35.129.0 255.255.255.0
210.25.135.2
27