XSR User’s Guide 241
Chapter 11 VPN Applications
Configuring the Virtual Private Network
– Tunnels are more easily scalable in multiple router topologies
– Network management is more robust
Remote Access - XSR functions as a tunnel server, establishing dial-up
connections with clients over the Internet via local ISPs.
The XSR supports multiple combinations of the above applications and
includes auxiliary functionality such as:
– RADIUS authentication
– PKI authentication
– NAT traversal
– IP address management
– Dynamic routing over VPN (remote access only)
– OSPF over VPN
– DF Bit override on IPSec tunnels
Site-to-Site Networks
Site-to-site tunnels operate as point-to-point connections and are used to
leverage a relatively inexpensive connection to the Internet, replacing costly
leased lines. They are useful when connecting geographically dispersed
network segments where each segment contains servers and hosts. VPN
tunnels play the role of point-to-point links and are transparent from a
routing perspective.
Figure 42 shows a link between two XSR sites, but this architecture can be
extended to link many sites by creating a mesh topology.
Because routing data is exchanged over the established tunnels, each site is
able to reach any other site. While it is extremely flexible for mesh networks,
site-to-site is also useful within a hub-and-spoke topology.