4556666
Páginas: 5 (1200 palabras)
Publicado: 25 de mayo de 2012
Dynamic Route Based Virtual Private
Network
Document Scope
This solutions document provides details about Route Based Virtual Private Network (VPN) Technology,
its advantages, and procedures to configure a Dynamic Route Based VPN.
This document contains the following sections:
•
“Overview” section on page 1
•
“Using Dynamic Route Based VPN” section on page 2
•
“ConfiguringRouting Protocol for a Tunnel Interface” section on page 4
Overview
This section provides an introduction to Route Based VPN. This section contains the following subsections:
•
“What is a Dynamic Route Based VPN?” section on page 1
•
“Benefits” section on page 2
•
“Platforms” section on page 2
What is a Dynamic Route Based VPN?
In general, a Virtual Private Network (VPN) isa way for companies to have the same security as if all the
distributed networks were together, with only one access to the private network, or intranet. Each location
has a firewall, configured specially so that it recognizes all the other firewall locations. When the firewall
sees a packet headed outward to another protected location, the packet is encrypted. After it travels across
theInternet, the receiving firewall then decrypts the packet.
A policy-based approach forces the VPN policy configuration to include the network topology
configuration. This makes it difficult for the network administrator to configure and maintain the VPN
policy with a constantly changing network topology.
With the Dynamic Route Based VPN approach, network topology configuration is removed from theVPN
policy configuration. The VPN policy configuration creates a Tunnel Interface between two end points.
Dynamic routes can then be added to the Tunnel Interface. The Dynamic Route Based VPN feature
provides flexibility to efficiently manage the changes in your network.
SonicWALL Route Based VPN Feature Module
1
Using Route Based VPN
Benefits
Benefits
Not only does Route BasedVPN make configuring and maintaining the VPN policy easier, a major
Not only does Route Based VPN make configuring and maintaining the VPN policy easier, a major
advantage of the Route Based VPN feature is that it provides flexibility on how traffic is routed. With this
advantage of the Route Based VPN feature is that it provides flexibility on how traffic is routed. With this
feature, userscan now define multiple paths for overlapping networks over a clear or redundant VPN.
feature, users can now define multiple paths for overlapping networks over a clear or redundant VPN.
Platforms
The Route Based is a feature is SonicOS on SonicOS 5.6
Route Based VPNVPNfeature for supported5.5 Enhanced. Enhanced and higher.
Using Route Based VPN
Dynamic Route Based VPN
Dynamic routebased VPN configuration is a two
This section contains the following subsections: step process. The first step involves creating a Tunnel
Interface. The crypto suites used to secure the traffic between two end-points are defined in the Tunnel
• “Configuring Static Route Based VPN” section on page 2
Interface. The second step involves configuring the Routing Protocol for the Tunnel Interface.
•This“Configuration Overview” section on page 2
section contains the following subsections:
•
•
•
•
“Adding a Tunnel Interface” section on page 3
“Configuration Overview” section on page 2
“Creatinga a Static Route for Tunnel Interface” section on page 4
“Adding Tunnel Interface” section on page 3
•
•
•
“Route Entries for Different Network Segments” section on page 5
“ConfiguringRouting Protocol for a Tunnel Interface” section on page 4
“Redundant Static Routes for a Network” section on page 6
•
“Drop Tunnel Interface” section on page 6
Configuration “Creating a Static Route for Drop Tunnel Interface” section on page 7
Overview
•
The Tunnel Interface is created when a Policy of type “Tunnel Interface” is added for the remote gateway.
The Tunnel Interface...
Network
Document Scope
This solutions document provides details about Route Based Virtual Private Network (VPN) Technology,
its advantages, and procedures to configure a Dynamic Route Based VPN.
This document contains the following sections:
•
“Overview” section on page 1
•
“Using Dynamic Route Based VPN” section on page 2
•
“ConfiguringRouting Protocol for a Tunnel Interface” section on page 4
Overview
This section provides an introduction to Route Based VPN. This section contains the following subsections:
•
“What is a Dynamic Route Based VPN?” section on page 1
•
“Benefits” section on page 2
•
“Platforms” section on page 2
What is a Dynamic Route Based VPN?
In general, a Virtual Private Network (VPN) isa way for companies to have the same security as if all the
distributed networks were together, with only one access to the private network, or intranet. Each location
has a firewall, configured specially so that it recognizes all the other firewall locations. When the firewall
sees a packet headed outward to another protected location, the packet is encrypted. After it travels across
theInternet, the receiving firewall then decrypts the packet.
A policy-based approach forces the VPN policy configuration to include the network topology
configuration. This makes it difficult for the network administrator to configure and maintain the VPN
policy with a constantly changing network topology.
With the Dynamic Route Based VPN approach, network topology configuration is removed from theVPN
policy configuration. The VPN policy configuration creates a Tunnel Interface between two end points.
Dynamic routes can then be added to the Tunnel Interface. The Dynamic Route Based VPN feature
provides flexibility to efficiently manage the changes in your network.
SonicWALL Route Based VPN Feature Module
1
Using Route Based VPN
Benefits
Benefits
Not only does Route BasedVPN make configuring and maintaining the VPN policy easier, a major
Not only does Route Based VPN make configuring and maintaining the VPN policy easier, a major
advantage of the Route Based VPN feature is that it provides flexibility on how traffic is routed. With this
advantage of the Route Based VPN feature is that it provides flexibility on how traffic is routed. With this
feature, userscan now define multiple paths for overlapping networks over a clear or redundant VPN.
feature, users can now define multiple paths for overlapping networks over a clear or redundant VPN.
Platforms
The Route Based is a feature is SonicOS on SonicOS 5.6
Route Based VPNVPNfeature for supported5.5 Enhanced. Enhanced and higher.
Using Route Based VPN
Dynamic Route Based VPN
Dynamic routebased VPN configuration is a two
This section contains the following subsections: step process. The first step involves creating a Tunnel
Interface. The crypto suites used to secure the traffic between two end-points are defined in the Tunnel
• “Configuring Static Route Based VPN” section on page 2
Interface. The second step involves configuring the Routing Protocol for the Tunnel Interface.
•This“Configuration Overview” section on page 2
section contains the following subsections:
•
•
•
•
“Adding a Tunnel Interface” section on page 3
“Configuration Overview” section on page 2
“Creatinga a Static Route for Tunnel Interface” section on page 4
“Adding Tunnel Interface” section on page 3
•
•
•
“Route Entries for Different Network Segments” section on page 5
“ConfiguringRouting Protocol for a Tunnel Interface” section on page 4
“Redundant Static Routes for a Network” section on page 6
•
“Drop Tunnel Interface” section on page 6
Configuration “Creating a Static Route for Drop Tunnel Interface” section on page 7
Overview
•
The Tunnel Interface is created when a Policy of type “Tunnel Interface” is added for the remote gateway.
The Tunnel Interface...
Leer documento completo
Regístrate para leer el documento completo.