HP VPN Server Appliance sa3110/sa3150/sa3400/sa3450 Network Layout Reference Guide
LAN-to-LAN Scenarios
Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450 Network Layout Reference Guide
27
The VPN Device
The VPN Device The VPN Device
The VPN Device
as a Firewall
as a Firewall as a Firewall
as a Firewall
(With or Without
(With or Without (With or Without
(With or Without
NAT)
NAT)NAT)
NAT)
This scenario shows the following:
• A LAN-to-LAN connection between two VPN devices.
• Each VPN device is directly attached to a router. The routers
connect through the Internet.
• Traffic travels from Router A to Router B. Router B passes
traffic directly through the VPN device.
• The VPN device performs firewall functionality on the traffic
and may or may not use NAT.
• The VPN device B decrypts the VPN traffic before passing it
to the local network.
Config file entries/routing
info:
security-profile site-to-site
tunnel SanFrancisco
ip route 210.25.129.0
255.255.255.0 205.25.128.2
Config file entries/routing info:
security-profile site-to-site
tunnel Boston
ip route 205.35.129.0 255.255.255.0
210.25.135.2
VPN Device A (No NAT)
VPN Device A (No NAT)VPN Device A (No NAT)
VPN Device A (No NAT) VPN Device B (No NAT)
VPN Device B (No NAT)VPN Device B (No NAT)
VPN Device B (No NAT)