Table of Contents
Advertisement
Virtual Private Network – IPSec
As described in the Figure 2-1, we will extend to explain how to make a VPN tunnel between LAN_1 and LAN_2 in this
chapter. The following Figure 9-1 is the real structure in our implemented process.
9.1
Demands
1.
When a branch office subnet LAN_1 wants to connect with another branch office subnet LAN_2 through the public
Internet instead of the expensive private leased lines, VPN can provide encryption and authentication to secure the tunnel
that connects these two LANs.
Figure 9-1 Organization_1 LAN_1 is making VPN tunnel with Organization_2 LAN_2
9.2
Objectives
1.
Let the users in LAN_1 and LAN_2 share the resources through a secure channel established using the public Internet.
9.3
Methods
1.
Separately configure DFL-1 and DFL-2 which are the edge gateways of LAN_1 and LAN_2 respectively. You have to
determine a key management method between IKE (Internet Key Exchange) and Manual Key. The following table
compares the settings between IKE and Manual Key. In the following, we will describe them separately.
IKE
Same
"Local IP" means the local LAN subnet; "Remote IP" means the remote LAN subnet; "My IP Address" means
the WAN IP address of the local VPN gateway while the "Security Gateway Address" means the WAN IP
address of the other VPN gateway.
Virtual Private Network – IPSec
This chapter introduces IPSec VPN and explains how to implement it.
Manual Key
49
DFL-900 User Manual
Chapter 9
Advertisement
Table of Contents
