sa3450 - Virtual Private Networking Concepts Guide

Redundancy

Hewlett-Packard Company Virtual Private Networking Concepts Guide

6-3

If a client user named John Doe wants to check his mail on the

mail server on the red network, he can do so through either VPN

device A or VPN device B. If the link definition on the client

includes both VPN device devices, the tunnel to the red side is

established with the VPN device that responds first. The question

for the mail server becomes which VPN device to send its replies

through.

Since the tunnel is established only on one VPN device, all

replies must go through that VPN device. This is accomplished

using Client IPs. Since the set of Client IPs is different on each

VPN device, when the mail server uses the Client IP as the

destination address on its replies, only the VPN device on which

the tunnel has been established accepts the packets for

processing. The tunnel definitions for the two VPN device

devices appear as shown in the following table.

Related Related

Information

InformationInformation

Information

Load Balancing (page 6-1)

Tunnel Modes (page 5-20)

Tunnel Types (page 5-8)

The Template Concept

Tunnel Definition

Tunnel Definition Tunnel Definition

Tunnel Definition

Parameters

ParametersParameters

Parameters

VPN Device A

VPN Device AVPN Device A

VPN Device A VPN Device B

VPN Device BVPN Device B

VPN Device B

Group name sales sales

Client IP 10.1.1.193 10.1.1.225

Number of clients 30 30

Secure profile (must

be previously

defined)

dialup dialup

Tunnel mode Red Red

IP route Not required Not required