Table of Contents
Advertisement
3Com Router 3000 Ethernet Family
Configuration Guide
Figure 1-2 Diagram of VPN application
It can be seen that enterprise internal resource sharers can access local ISP at its POP
(Point of Presence) server via PSTN/ISDN network or local network and access the
internal resources of the company. With traditional WAN networking technology,
however, they need to be connected using dedicated lines to achieve the same
purpose. VPN allows remote end users and clients in other cities to access enterprise
internal resources without being authorized by their local ISPs, which is of great
significance for staffs on business trip and geographically scattered clients.
An enterprise can deploy VPN services simply by setting up a VPN-supported server
for resource sharing (e.g. a Windows NT server or a router supporting VPN). The
resource sharers connect to local POP server via PSTN/ISDN or LAN before they
directly call the remote server (VPN server) of the enterprise. The call process is
completed by ISP Network Access Server (NAS) and VPN server together.
II. Mechanism of VPN
VPN
Subscriber
Figure 1-3 Diagram of accessing VPN
As shown in the above figure, through PSTN/ISDN network, a subscriber accesses ISP
NAS (Network Access Server). After NAS server recognizes that this is a VPN user by
checking user name or access number, it establishes a connection, which is called
tunnel, to the user's destination VPN server. Then NAS encapsulates the user data into
IP packets and transmits it to the VPN server through this tunnel. Upon the receipt of
this IP packet, VPN server removes the encapsulation to get the original data. In the
opposite direction, the packet is handled likewise. On both sides of the tunnel, packets
can be encrypted to make other users on the Internet unable to access them, so they
are safe and authentic. For users, tunnels are only the logical extension of their
PSTN/ISDN links and thus can be operated like the physical links.
Remote
Subscriber
PSTN/ISDN
PC
Cooperator
PSTN/ISDN
3Com Corporation
Internet
POP
ISP IP
Frame Relay
ATM
POP
NAS
1-3
Chapter 1 VPN Overview
POP
Corporate
Headquarter
Internal Server
VPN Server
Advertisement
Chapters
Table of Contents
Troubleshooting
