Product specifications
Efficient Networks® Router family
Command Line Interface Guide
Chapter 6: Connection Management
Types of VPNs used
Both ATM PVCs and tunneling VPNs can be practical for LAN-to-LAN connections. If
all of the LANs are local and the connections don’t need to vary, then ATM might be
the best solution. If even one location is far away from the others or if many different
connection possibilities must be present, then tunneling makes more sense.
Advantages
Simultaneous connections to multiple sites: Multiple sites can be connected together
using this VPN strategy because each LAN-attached tunnel device can connect to
multiple locations.
Fewer tunnels to manage: By creating only one tunnel for each LAN, the number of
tunnels that have to be managed is reduced.
No workstation software required: Because the tunnel is created as LAN data is sent
to the Internet, there is no need to create tunnels from each workstation and therefore
no need to install special software on each workstation.
Cost: This solution can cost far less in equipment and management since it
centralizes the tunneling functions on each LAN and is transparent to other devices
on the LAN.
Disadvantages
Mobile users still need workstation software: Even with the LAN-to-LAN approach,
mobile users still need to have software installed on their laptops if they wish to have
access to the LAN.
Secure VPN Option
Secure VPN software has been designed to provide maximum
flexibility and function.
Embedded system: Secure VPN software runs on the router without any additional
hardware. It is a software-only upgrade.
Client AND server: Each router has the capability of being a tunnel client and a tunnel
server simultaneously. If a call comes in, then the router will be a server. If a call
needs to be placed outbound, then the router will be a client. When connecting two
LANs together using L2TP, it is common for both networks to need a tunnel server
and a tunnel client, so that they can place and receive tunnel calls.
Dial-on-Demand: Tunnels are created and destroyed dynamically based on network
traffic and an inactivity timer. This allows multiple tunnels to be available, and only the
required ones are active. Tunnels can be run with or without encryption.
Multiple protocols supported: IP routing, IPX routing, and bridging are supported to
allow for Microsoft Networking, Novell networks and other non-IP protocols to function
properly through the tunnel(s).