Quick links:
Product Overview
Installation
Settings and Administration
ADSL
SIP Support
Telephone ports
Network
Firewall
Wireless
VPN
Misc
Licenses
Troubleshooting
Differences
This shows you the differences between two versions of the page.
|
vpn:start [2010/11/04 14:14] tibor |
vpn:start [2011/06/30 15:05] (current) vopatek Added links to pass-through configuration pages. |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| IPSec is the most widespread technology for VPN connections. | IPSec is the most widespread technology for VPN connections. | ||
| + | |||
| + | Read more: [[wp>VPN]] [[wp>IPsec]] | ||
| ===== What is VPN used for? ===== | ===== What is VPN used for? ===== | ||
| Line 11: | Line 13: | ||
| {{:vpn:vpn_ipsec_subnets.gif|VPN connection}} | {{:vpn:vpn_ipsec_subnets.gif|VPN connection}} | ||
| - | Contrary to popular beliefs VPN (using IPSec technology at least) does **not** put remote clients on the same subnet. They still are -must be!((A must be on different subnet than B to be able to recognise what packets it should send using IPSec and what packets are intended to be sent locally on the LAN))- on different subnets, but they can securely communicate with each other. | + | Contrary to popular beliefs VPN (using IPSec technology at least) does **not** put remote clients on the same subnet. |
| + | They still are - :!: must be((**A** (in the figure) must be on a different subnet (= another IP address/mask combination) than **B** to be able to recognise which packets it should forward by IPSec and which packets are to be sent locally on the LAN)) - on different subnets, but they can securely communicate with each other. | ||
| ===== Pass-through vs. termination ===== | ===== Pass-through vs. termination ===== | ||
| - | The Internet Gate can handle VPN pass through. When VPN pass-through is used the Internet Gate doesn't perform any encryption or authentication in the VPN tunnel. The termination is done in the client computer and the Internet Gate only lets the tunnel traffic pass through. | + | The Internet Gate can handle VPN pass through. When VPN pass-through is used the Internet Gate doesn't perform any encryption or authentication in the VPN tunnel. The termination is done in the client computer and the Internet Gate only lets the tunnel traffic pass through. [[wp>IPsec_Passthrough#NAT_traversal_and_IPsec|IPsec pass-through]] |
| VPN termination means the VPN connection is made between the Internet Gate itself and the remote VPN client. It is the Internet Gate that authenticates and encrypts the VPN tunnel. The clients on your LAN do not need to have any VPN capability on their own. | VPN termination means the VPN connection is made between the Internet Gate itself and the remote VPN client. It is the Internet Gate that authenticates and encrypts the VPN tunnel. The clients on your LAN do not need to have any VPN capability on their own. | ||
| + | For more information regarding pass-through configuration see:\\ | ||
| + | [[web_gui:pptp_pass-through|PPTP tunnel pass-throughs]]\\ | ||
| + | [[web_gui:ipsec_pass-through|IPSec tunnel pass-throughs]]\\ | ||
| + | [[web_gui:ipsec_nat-t_pass-through|IPSec NAT-T pass-throughs]] | ||
| <if !vpn> | <if !vpn> | ||
| ^ :!: Your Internet Gate does not have VPN license. ^ | ^ :!: Your Internet Gate does not have VPN license. ^ | ||
| Line 32: | Line 39: | ||
| * IPSec [[VPN:Tunnel]] | * IPSec [[VPN:Tunnel]] | ||
| * [[VPN:Certificates]] | * [[VPN:Certificates]] | ||
| + | |||
| + | Monitor/troubleshoot: | ||
| + | * [[web_gui:vpn_status_page|IPSec Status page]] and [[web_gui:vpn_log_page|VPN log page]] | ||
