Installation guide

4
C
C
h
h
a
a
p
p
t
t
e
e
r
r
2
2
.
.
V
V
P
P
N
N
F
F
u
u
n
n
c
c
t
t
i
i
o
o
n
n
This chapter is divided into the following sections,
Section 2.1: VPN Dial-in Function
Section 2.2: VPN Dial-out Function
Section 2.3: VPN Three Parts Communication
Section 2.4: IPSec Host to LAN ( Smart VPN Client ) – DHCP over IPSec
Section 2.5: VPN PPTP Host-to LAN by Smart VPN Client
2
2
.
.
1
1
.
.
1
1
I
I
n
n
t
t
r
r
o
o
d
d
u
u
c
c
t
t
i
i
o
o
n
n
The first example is to establish a LAN to LAN VPN Tunnel. The basic form of LAN to
LAN VPN is to let both routers' internal networks can connect with to each other. In this
example since only one site has a fixed IP address, the VPN tunnel must be established in
one direction .(from dynamic-IP site to fixed-IP site). If you do want both sites can
always to initiate the connection automatically, the router with the dynamic IP must be
always online. Otherwise, only one direction can work normally. In this example, only
Vigor 3300V has a fixed IP address, so when the VPN Tunnel is dropped, Vigor 3300V
cannot initiate a connection to Vigor 2900V.
Suppose the Headquarters in Taipei uses a Vigor 3300V, while the branch office in
Shanghai uses a Vigor2900V. The network administrator requires the employees in
branch office to access the database in the headquarters through the encrypted VPN
tunnels. The purpose is to avoid leakage of relevant confidential information which is
important. Please refer to Figure 2-1.
Figure 2-1. A scenario of VPN in dial-in from Vigor 2900V