600CHAPTER 42: CONFIGURING VPN

ISP gateway and PPP session ends at NAS, it is unnecessary for the gateway at the user end to manage and maintain the status of every PPP session, thus improving system performance.

Generally, Layer 2 and Layer 3 tunnel protocols are used independently so combining L2TP together with the IPSec protocol provides better performance and security for the users.

Service Purpose VPNs are also classified according to the types of service they provide:

Intranet VPN: In an intranet VPN, the branches of an enterprise located everywhere are interconnected through the public network, which is the extension or substitute of traditional leased line networks or other enterprise networks.

Access VPN: Access VPN provides a means to establish private connections with the intranet or extranet of enterprises through the public networks for those staff members on business errands, remote personnel and SOHO. Access VPN has two types: client-initiated VPN connections and NAS-initiated VPN connections.

Extranet VPN: Extranet VPN extends an intranet to partners and clients through VPN so that different enterprises can build their VPNs using public networks.

Networking Model VPNs are classified by the type of networking model that they use:

Virtual Leased Line (VLL): VLL emulates the traditional leased line service with the help of the IP network and hence providing asymmetrical and inexpensive leased line service. For the users at both ends of the VLL, the VLL is similar to the traditional leased line.

Virtual Private Dial-up Network (VPDN): VPDN is implemented utilizing dial-up and access services of the public network (ISDN and PSTN), which provides access services for enterprises, small-sized ISPs, and mobile offices.

Virtual Private LAN Segment (VPLS) service: In VPLS, LANs can be interconnected through virtual private segment with the help of IP public networks. It is the extension of LAN across IP public network.

Virtual Private Routing Network (VPRN) service: VPRN implements the interconnection of headquarters, branches and remote offices by means of managing virtual routers, with the aid of the IP public networks. There are two ways to implement the services: one is to utilize the traditional VPN protocols as IPSec and GRE, and the other is to utilize the MPLS (Multiple Protocol Label Switching) technology.

Page 604
Image 604
3Com 10014299 manual Configuring VPN