User's guide

VPN on the OnSite
AlterPath OnSite Administrators and Users Guide
The OnSite administrator can set up VPN (Virtual Private Network)
connections to establish encrypted communications between the OnSite and
an individual host or all the hosts on a remote subnetwork. The encryption
creates a security tunnel for communicating through an intermediate network
that is untrustworthy.
A security gateway with the IPsec service enabled must exist on the remote
network. The IPsec gateway encrypts packets on their way to the OnSite and
decrypts packets received from the OnSite. A single host running IPsec can
serve as its own security gateway. The OnSite takes care of encryption and
decryption on its end.
Connections from a machine like the OnSite to a host or to a whole
network are usually referred to as host-to-host and host-to-network tunnels.
OnSite host-to-network and host-to-host tunnels are not quite the same as a
VPN in the usual sense, because one or both sides have a degenerate subnet
consisting of only one machine.
The OnSite is referred to as the Local or “Left” host, and the remote gateway
is referred to as the Remote or “Right” host.
The following figure shows a single host running IPsec acting as its own
security gateway on the right end and the OnSite acting as its own gateway on
the left end.
Figure 1-3: OnSite VPN Example
[Figure: the OnSite connected across the Internet to a workstation that is also its own IPsec gateway]
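
The two tunnel types and the Left/Right naming described above, written out as an added example that is not taken from this guide. It assumes an Openswan/Libreswan-style ipsec.conf, which uses the same left/right convention; the connection names and addresses are constructed (RFC 5737 documentation ranges), and the OnSite's own configuration interface is not shown on this page.

```conf
# Constructed example; not the OnSite's own configuration.
# Assumed syntax: Openswan/Libreswan-style ipsec.conf.

# Host-to-host tunnel: each end is its own security gateway,
# as in Figure 1-3. Neither side declares a subnet, so each
# "subnet" is the single machine itself.
conn onsite-to-host
    # Local ("Left") end: the OnSite
    left=192.0.2.10
    # Remote ("Right") end: a single host running IPsec
    right=198.51.100.20
    # Pre-shared key authentication; the key lives in ipsec.secrets
    authby=secret
    # Load the connection definition without starting it automatically
    auto=add

# Host-to-network tunnel: the Right end is a security gateway
# in front of a remote subnetwork. The Left end is still only
# the OnSite, so only that side has a one-machine subnet.
conn onsite-to-net
    left=192.0.2.10
    # Remote IPsec security gateway
    right=198.51.100.1
    # Hosts behind the gateway that are reached through the tunnel
    rightsubnet=203.0.113.0/24
    authby=secret
    auto=add
```

The only structural difference between the two definitions is `rightsubnet`: without it, traffic is protected only to the remote gateway's own address, which is the one-machine subnet case the text describes.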