Filter
Top Products
Cyclades-PR4000
Chapter 16 - Virtual Private Network Configuration
142
CHAPTER 16 VIRTUAL PRIVATE NETWORK CONFIGURATION
The Virtual Private Network utility can be used on any link using IP routing. It is used to provide greater security
between two or more networks connected through a public communications network. The basic concepts are
presented in Figure 14.1. An IP datagram is sent by a device on the LAN. The message arrives at the router. The
router has two tables. One with all the IP addresses contained in the Local Security Network and another with all
the IP addresses in the Remote Security Networks. If the source IP address is contained in the Local Security
Network list and the destination IP address is contained in the Remote Security Network list, the message is
encrypted and encapsulated. The only destination address is that for the remote gateway (defined in the Remote
Security Network list). Upon arrival at the remote gateway, the packet is unwrapped and sent to its destination.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
PC
PC
Message
Message
Message
PR3000
PR4000
Header
Header with destination:
remote security gateway
IP Address
IP Datagram
sent by user
Conversion
performed by Router
with Cyclades’ VPN
As sent by
local Gateway
As received by
remote Gateway
Source IP Address
Destination IP Address
IP Options and Data
Encrypted IP Datagram
Header with destination:
remote security gateway
IP Address
Encrypted IP Datagram
Message
Header
Source IP Address
Destination IP Address
IP Options and Data
Local
Gateway
Remote
Gateway
Public
Network
FIGURE 14.1 CONVERSION PERFORMED BY CYCLADES’ VIRTUAL PRIVATE NETWORK UTILITY