Chapter 3 Configuration

temporarily disconnected.

3.6.3.5.2.2 An Example of Configuring a LAN-to-LAN IPSec VPN Connection

Background of the Example

The branch office establishes an IPSec VPN tunnel with the head office to connect two private networks by leveraging the Internet infrastructure. The routers are installed in the head office and branch office accordingly.

Application Diagram

Network Configuration and Security Plan

We want to setup a security channel between branch office and head office using LAN- to-LAN tunnel-mode connection. ESP, with MD5 as the authentication protocol and AES as the encryption protocol is decided as the policy of security plan. Pre-shared key is defined as 8 characters, 12345678.

 

Branch Office

Head Office

Local Network ID

192.168.0.0/24

192.168.1.0/24

Local Router IP

69.1.121.30

69.1.121.3

Remote Network ID

192.168.1.0/24

192.168.0.0/24

Remote Router IP

69.1.121.3

69.1.121.30

IKE Pre-shared Key

12345678

12345678

VPN Connection Type

Tunnel mode

Tunnel mode

Security Algorithm

ESP:MD5 with AES

ESP:MD5 with AES

61