Introduction to Virtual Private Networking (VPN)
25
NAT automatically translates multiple IP addresses on the private LAN to
one public address that is sent out to the Internet. It enables the Firewall
to be used with broadband modems such as the OfficeConnect Cable
Modem, and with low cost Internet accounts where only one IP address is
provided by the ISP. See “Network Addressing Mode” on page 149 for
more information.
The DHCP server automatically assigns all PCs on the LAN with the correct
IP information. The DHCP client allows the Firewall to acquire the correct
IP settings from the ISP. See “Setting up the DHCP Server” on page 155
for more information.
Introduction to
Virtual Private
Networking (VPN)
The Firewall includes support for IPSec Virtual Private Networking. This
section provides an introduction to Virtual Private Networking (VPN).
Virtual Private
Networking
Today’s business environment requires close, real-time collaboration with
trading partners, legal, and financial advisors, as well as remote workers
and branch offices. This “real-time” requirement often leads to the
creation of an “extranet” where branch offices and partners are
connected to a primary network in one of two ways:
■
Leasing dedicated data lines to connect all sites.
■
Using the public Internet to connect all sites and remote users
together.
Each of these methods has its benefits and drawbacks. Establishing a
leased line connection between the sites offers a dedicated, secure access
but at a very high cost.
The other option is to use an existing Internet connection to transmit data
unencrypted over the public Internet network. While this option is less
expensive and can provide higher performance, it is much less secure
than dedicated site-leased lines.
VPN uses data encryption and the public Internet to provide secure
communications between sites without incurring the huge expense of
site to site leased lines.
The Firewall embodies eight different levels of encryption that can be
used to create a VPN tunnel. For the tunnel to work correctly, the
DUA1611-0AAA02.book Page 25 Thursday, August 2, 2001 4:01 PM
Содержание 3C16111 - SuperStack 3 Firewall Web Site Filter
Страница 18: ...18 DUA1611 0AAA02 book Page 18 Thursday August 2 2001 4 01 PM ...
Страница 50: ...50 DUA1611 0AAA02 book Page 50 Thursday August 2 2001 4 01 PM ...
Страница 96: ...96 CHAPTER 6 USING THE FIREWALL DIAGNOSTIC TOOLS DUA1611 0AAA02 book Page 96 Thursday August 2 2001 4 01 PM ...
Страница 122: ...122 CHAPTER 8 ADVANCED SETTINGS DUA1611 0AAA02 book Page 122 Thursday August 2 2001 4 01 PM ...
Страница 150: ...150 CHAPTER 10 CONFIGURING HIGH AVAILABILITY DUA1611 0AAA02 book Page 150 Thursday August 2 2001 4 01 PM ...
Страница 152: ...152 DUA1611 0AAA02 book Page 152 Thursday August 2 2001 4 01 PM ...
Страница 166: ...166 CHAPTER 11 ADMINISTRATION AND ADVANCED OPERATIONS DUA1611 0AAA02 book Page 166 Thursday August 2 2001 4 01 PM ...
Страница 174: ...174 DUA1611 0AAA02 book Page 174 Thursday August 2 2001 4 01 PM ...
Страница 178: ...178 CHAPTER 13 TYPES OF ATTACK AND FIREWALL DEFENCES DUA1611 0AAA02 book Page 178 Thursday August 2 2001 4 01 PM ...
Страница 190: ...190 CHAPTER 14 NETWORKING CONCEPTS DUA1611 0AAA02 book Page 190 Thursday August 2 2001 4 01 PM ...
Страница 192: ...192 DUA1611 0AAA02 book Page 192 Thursday August 2 2001 4 01 PM ...
Страница 206: ...206 APPENDIX D TECHNICAL SUPPORT DUA1611 0AAA02 book Page 206 Thursday August 2 2001 4 01 PM ...
Страница 212: ...212 INDEX DUA1611 0AAA02 book Page 212 Thursday August 2 2001 4 01 PM ...
Страница 214: ...DUA1611 0AAA02 book Page 214 Thursday August 2 2001 4 01 PM ...