Intel 8205 quick start Connecting Two Branch Offices, Firewalls and network address translation

Connecting Two Branch Offices

Two sites can use a VPN tunnel to send and receive secure business data over the Internet. The two sites could be two branch offices, a remote worker and a central office, a branch office and a central office, or your site and a business partner’s site. For more information, see the online documentation on the Intel® Device View CD-ROM.

Connecting two branch offices with a VPN tunnel enables both offices to share each other’s resources securely. Using a VPN tunnel saves the cost of dialing into a distant site; the only cost is that of connecting to the local Internet service provider (ISP).

In this example, the IP address on the local side is dynamically assigned. Therefore, the Local User ID identifies the branch office, rather than a permanent external IP address. If the local router had a perma- nent IP address, then you would not have to enter a Local User ID. The IP address would identify the branch office.

Table 3 shows the configuration parameters used in the VPN Tunnel Wizard to create a tunnel for the Branch Office to Branch Office example.

Note: The values for the parameters in Table 3 are examples only; you must enter the values specific to your network.

Firewalls and network address translation

If you are using firewall filters or network address translation (NAT) on the LAN 2 port, the VPN Tunnel Wizard modifies your settings to enable the tunnel.

Branch Office 1

Local Network Address 192.168.1.0

Figure 24. Example Branch Office to Branch Office

VPN Tunnel. A VPN tunnel between two remote offices.

Table 3. Configuration Parameters. Settings used for the Branch Office to Branch Office example when configuring the VPN tunnel using the VPN Tunnel Wizard.