Chapter 4: Management LANCOM Reference Manual LCOS 3.50
41
Management
The networks of client A and B use different address ranges in the
respective head office and the connected branches. A standard net-
work coupling via VPN is therefore possible between these networks.
In order to avoid the effort to building up its own VPN tunnel to each indivi-
dual subnetwork of the clients A and B, the service provider makes only one
VPN connection to the head office, and uses the existing VPN lines between
head office and branches for communication with the branches.
Traps from the networks report to the service provider whether e. g. a VPN
tunnel has been build up or cut, if an user has been tried to log in three times
with a wrong password, if an user has been applied for a hot spot, or if some-
where a LAN cable has been pulled out of a switch.
A complete list of all SNMP traps supported by LANCOM can be found
in the appendix of this reference manual (’SNMP traps’ →page287).
Routing of these different networks reaches very fast its limiting factors, if two
or more clients use same address ranges. Additionally, if some clients use the
same address range as the service provider as well, further address conflicts
are added. In this example, one of the hot spots of client C has got the same
address as the gateway of the service provider.
There are two different variants to resolve these address conflicts:
Loopback:
decentralized
1:1 mapping
In the decentralized variant, alternative IP addresses for communicating
with the SNMP addressee are assigned to each of the monitored devices
by means of an 1:1 mapping. This address is in technical language also
known as “loopback address”, the method accordingly as “loopback
method”.
The loopback addresses are valid only for communication with certain
remote stations on the connections belonging to them. Thus a
LANCOM is not generally accessible via this IP address.
Alternative:
central
N:N mapping
Even more appealing is the solution of a central mapping: instead of con-
figuring each single gateway in the branch networks, the administrator
configures solely one central address translation in the gateway of the
head office. On this occasion, also all subnetworks located “behind” the
head office are supplied with the needed new IP addresses.
In this example, the administrator of the service provider selects 10.2.x.x as
central address translation for the network of client B, so that both networks