Quick links:
Product Overview
Installation
Settings and Administration
ADSL
SIP Support
Telephone ports
Network
Firewall
Wireless
VPN
Misc
Licenses
Troubleshooting
Differences
This shows you the differences between two versions of the page.
|
vpn:start [2010/11/02 10:38] tibor |
vpn:start [2011/06/30 15:05] (current) vopatek Added links to pass-through configuration pages. |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| IPSec is the most widespread technology for VPN connections. | IPSec is the most widespread technology for VPN connections. | ||
| + | |||
| + | Read more: [[wp>VPN]] [[wp>IPsec]] | ||
| ===== What is VPN used for? ===== | ===== What is VPN used for? ===== | ||
| - | Virtual Private Networking (VPN) uses a public network (i.e. the Internet) to securely connect two different networks as if they were on the same network. For example, an employee can access the corporate network from home using VPN. | + | Virtual Private Networking (VPN) uses a public network (i.e. the Internet) to securely connect two different networks. For example, an employee can access the corporate network from home using VPN. |
| + | |||
| + | {{:vpn:vpn_ipsec_subnets.gif|VPN connection}} | ||
| + | |||
| + | Contrary to popular beliefs VPN (using IPSec technology at least) does **not** put remote clients on the same subnet. | ||
| + | They still are - :!: must be((**A** (in the figure) must be on a different subnet (= another IP address/mask combination) than **B** to be able to recognise which packets it should forward by IPSec and which packets are to be sent locally on the LAN)) - on different subnets, but they can securely communicate with each other. | ||
| ===== Pass-through vs. termination ===== | ===== Pass-through vs. termination ===== | ||
| - | The Internet Gate can handle VPN pass through. When VPN pass-through is used the Internet Gate doesn't perform any encryption or authentication in the VPN tunnel. The termination is done in the client computer and the Internet Gate only lets the tunnel traffic pass through. | + | The Internet Gate can handle VPN pass through. When VPN pass-through is used the Internet Gate doesn't perform any encryption or authentication in the VPN tunnel. The termination is done in the client computer and the Internet Gate only lets the tunnel traffic pass through. [[wp>IPsec_Passthrough#NAT_traversal_and_IPsec|IPsec pass-through]] |
| VPN termination means the VPN connection is made between the Internet Gate itself and the remote VPN client. It is the Internet Gate that authenticates and encrypts the VPN tunnel. The clients on your LAN do not need to have any VPN capability on their own. | VPN termination means the VPN connection is made between the Internet Gate itself and the remote VPN client. It is the Internet Gate that authenticates and encrypts the VPN tunnel. The clients on your LAN do not need to have any VPN capability on their own. | ||
| + | For more information regarding pass-through configuration see:\\ | ||
| + | [[web_gui:pptp_pass-through|PPTP tunnel pass-throughs]]\\ | ||
| + | [[web_gui:ipsec_pass-through|IPSec tunnel pass-throughs]]\\ | ||
| + | [[web_gui:ipsec_nat-t_pass-through|IPSec NAT-T pass-throughs]] | ||
| <if !vpn> | <if !vpn> | ||
| ^ :!: Your Internet Gate does not have VPN license. ^ | ^ :!: Your Internet Gate does not have VPN license. ^ | ||
| Line 28: | Line 39: | ||
| * IPSec [[VPN:Tunnel]] | * IPSec [[VPN:Tunnel]] | ||
| * [[VPN:Certificates]] | * [[VPN:Certificates]] | ||
| + | |||
| + | Monitor/troubleshoot: | ||
| + | * [[web_gui:vpn_status_page|IPSec Status page]] and [[web_gui:vpn_log_page|VPN log page]] | ||
