Appendix C - VPNs

Common VPN Situations

VPN Pass-through

Figure 96: VPN Pass-through

Here, a PC on the LAN behind the Router/Gateway is using VPN software, but the Router/Gateway is NOT acting as a VPN endpoint. It is only allowing the VPN connec- tion.

The PC software can use any VPN protocol supported by the remote VPN.

The remote VPN Server must support client PCs which are behind a NAT router, and so have an IP address which is not valid on the Internet.

The Router/Gateway requires no VPN configuration, since it is not acting as a VPN endpoint.

Client PC to VPN Gateway

Figure 97: Client PC to VPN Server

In this situation, the PC must run appropriate VPN client software in order to connect, via the Internet, to the ADW-4302v2 or other VPN Gateway. Once connected, the client PC has the same access to LAN resources as PCs on the local LAN (unless restricted by the network administrator).

IPSec is not the only protocol which can be used in this situation, but the ADW- 4302v2 supports IPSec ONLY.

Windows 2000 and Windows XP include an IPSec VPN client program. However, configuration of this client program for use with the ADW-4302v2 is very complex and beyond the scope of this document.

129