Nortel Networks 608(WL), 620 manual LAN to LAN Application, Network 10.0.0.0/24 Network 20.0.0.0/24

Models: 620 608(WL)


Chapter 3

Configuration via Local Pages

3.1 LAN to LAN Application

Reference network

A simple LAN-to-LAN network configuration is shown here.

[Figure: Host 10.0.0.1 on Network 10.0.0.0/24, SpeedTouch A (10.0.0.254), the Internet (100.100.0.1, 200.200.0.1), SpeedTouch B (20.0.0.254), and Host 20.0.0.5 on Network 20.0.0.0/24.]

The figure shows two LAN networks connected via a SpeedTouch™ to the public Internet. In each LAN segment, the IP addresses of the terminals are typically managed by a DHCP server, which may be the built-in DHCP server of the SpeedTouch™.

Making use of the VPN capabilities of the SpeedTouch™, it is possible to connect the two LAN segments via a secure VPN tunnel over the public Internet. At each peer the SpeedTouch™ serves as an IPSec Security Gateway.

A dedicated set of user-friendly configuration pages allows you to quickly and easily implement this scenario. Selections are made in accordance with the data known to the user and the VPN layout.

The GUI pages are organized along two main alternative paths.

Path 1: You know exactly to which Remote Gateway you want to establish a VPN connection. You know its location in the public Internet (either the IP address or the domain name). This is generally the case in a symmetrical LAN-to-LAN scenario.

Path 2: Your SpeedTouch™ is located in a central facility where services are provided to remote locations that require a secure connection. For the moment, you have no idea which Remote Gateway may want to establish a secure connection. In this case, your SpeedTouch™ always has the role of responder in the VPN connection establishment negotiations. It cannot initiate the establishment of a VPN connection. This leads to an asymmetrical LAN-to-LAN scenario, where one peer is always the responder, while the remote peer(s) is/are the initiator. You can think of a corporate headquarters that constructs a hub-and-spoke VPN network with its branch offices. It is convenient to configure the SpeedTouch™ at the headquarters in such a way that it will accept new branch offices in the VPN without requiring any adaptation to its configuration.

E-DOC-CTC-20051017-0169 v0.1
