Black Box ET0010A User Manual

Managing IP Networks
EncrypTight User Guide
Figure 56: Two networks with contiguous addressing defined as a supernet
If you group the two networks into a supernet and the policy encrypts traffic between these two networks 
and five other networks, the PEP for this network set would contain only five SAs and keys for each 
direction, instead of 10. 
NOTE
Where the subnetwork addresses are not completely contiguous, grouping these networks can result in the 
inclusion of an unintended subnetwork. 
Using Non-contiguous Network Masks
Non-contiguous masks are useful when you want to create a policy for devices in a network whose IP 
addresses contain a specific octet. Non-contiguous network masks are available on ETEP PEPs version 
1.4 and later. 
The following example demonstrates the use of non-contiguous network masks to pass unencrypted 
traffic from specific addresses while encrypting everything else. 
 depicts a mesh network in 
which all traffic on each subnet is encrypted. A router is located on each of the PEP’s remote ports, 
which means that all traffic to it is encrypted. However, the router port that is connected to the PEP’s 
remote port is the default gateway for the site. In order to manage the router, traffic from the laptop needs 
to pass in the clear. VoIP traffic also needs to pass in the clear. Each site uses IP addresses of x.x.x.129 
and x.x.x.1 for the default gateway.
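
How a non-contiguous mask selects addresses by one octet, as an added example that is not taken from the EncrypTight manual. The mask value 0.0.0.255, the rule list with first-match evaluation, and the 10.x addresses are assumptions constructed for illustration.

```python
import ipaddress

def to_int(dotted):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def is_contiguous(mask):
    """True when the mask is a run of 1-bits followed only by 0-bits."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def matches(addr, pattern, mask):
    """Compare addr and pattern only in the bit positions the mask selects."""
    m = to_int(mask)
    return (to_int(addr) & m) == (to_int(pattern) & m)

# Constructed policy (assumption): evaluated top-down, first match wins.
RULES = [
    ("0.0.0.129", "0.0.0.255", "clear"),    # any x.x.x.129
    ("0.0.0.1",   "0.0.0.255", "clear"),    # any x.x.x.1
    ("0.0.0.0",   "0.0.0.0",   "encrypt"),  # everything else
]

def action_for(addr, rules=RULES):
    """Return the action of the first rule whose pattern/mask selects addr."""
    for pattern, mask, action in rules:
        if matches(addr, pattern, mask):
            return action
    return None  # no rule matched (cannot happen with the catch-all above)

def matched_hosts(subnet, pattern, mask):
    """Audit helper: every address in subnet that a rule would select."""
    return [str(ip) for ip in ipaddress.ip_network(subnet)
            if matches(str(ip), pattern, mask)]

if __name__ == "__main__":
    # Constructed sample addresses for one site.
    for a in ("10.1.2.129", "10.1.2.1", "10.1.2.11", "10.1.2.130"):
        print(a, action_for(a))
    print(matched_hosts("10.1.0.0/22", "0.0.0.129", "0.0.0.255"))
```

Running `matched_hosts` over each site's address range before deploying a clear-traffic rule shows exactly which hosts it exempts from encryption; a /22 already yields four x.x.x.129 matches.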