Nortel 820 Betriebsanweisung
Installation and Reference for the BayStack 820 ISDN Router
1-8
206901-A
To create a VPN, a special connection, called a “tunnel,” is first established
between the two sites. Tunnels allow IP, IPX, and bridging traffic to flow across
IP networks, including NetBIOS information (for Windows networking)
encapsulated within IP or IPX packets. Through the VPN tunnel, all resources and
applications on the remote LAN become available to the local site.
between the two sites. Tunnels allow IP, IPX, and bridging traffic to flow across
IP networks, including NetBIOS information (for Windows networking)
encapsulated within IP or IPX packets. Through the VPN tunnel, all resources and
applications on the remote LAN become available to the local site.
You can specify Data Encryption Standard (DES) encryption for user data
sessions through tunnels to assure privacy. The use of the various levels of
encryption within a router is subject to United States export control regulations.
sessions through tunnels to assure privacy. The use of the various levels of
encryption within a router is subject to United States export control regulations.
You configure a VPN tunnel in a similar manner to a conventional telephone line.
Data is transferred only when a user connection is established, therefore
authentication is not required when you establish the tunnel. You must, however,
configure authentication information for the connection profile that is used for the
user data session flowing through the tunnel. After the tunnel is established, one
or more user data sessions can flow through the tunnel.
Data is transferred only when a user connection is established, therefore
authentication is not required when you establish the tunnel. You must, however,
configure authentication information for the connection profile that is used for the
user data session flowing through the tunnel. After the tunnel is established, one
or more user data sessions can flow through the tunnel.
When a workstation on the LAN sends data to a resource reachable through a
VPN connection profile, a tunnel to the remote site is established and the VPN
user data session starts, beginning with a PPP authentication exchange.
VPN connection profile, a tunnel to the remote site is established and the VPN
user data session starts, beginning with a PPP authentication exchange.
When a remote site requests that a tunnel be established, the router searches for a
connection profile that matches the connection request. When the tunnel is
established, the remote site initiates a user session to flow through that tunnel and
the router searches for a VPN connection profile that matches the request. When
the router verifies the matching VPN connection profile, the information in the
Profile is used to authenticate the incoming call, and then data transfer begins.
connection profile that matches the connection request. When the tunnel is
established, the remote site initiates a user session to flow through that tunnel and
the router searches for a VPN connection profile that matches the request. When
the router verifies the matching VPN connection profile, the information in the
Profile is used to authenticate the incoming call, and then data transfer begins.
illustrates how the BayStack 820 ISDN Router supports a VPN tunnel
through the Internet over an ISDN network.
Figure 1-5.
VPN Tunnel Through the Internet Over ISDN
Internet
VPN tunnel over ISDN
Secure data
Router #1
Router #2
ISP
ISP
9395EA