Black Box ET0010A User Manual
Types of Network Sets
EncrypTight User Guide
169
Figure 61
Network set for a collection of networks
illustrates a network set comprised of two networks and two PEPs. In ETPM, this network set
includes both PEP 1 and PEP 2, and both network IP addresses and masks.
Figure 62
Network set that does not include a PEP
A network set does not have to include any PEPs. This is useful if you have PEPs that are encrypting
traffic between two routers that need to exchange routing protocols. If the PEPs are encrypting all traffic,
the routers cannot see the information in the routing packets. To allow the routers to exchange routing
information create a clear policy for the routing protocol, for example OSPF (protocol 89). Create one
network set with a wildcarded network (0.0.0.0) that includes PEP 1 and PEP 2. Create a second network
set with a wildcarded network (0.0.0.0), but without any PEPs. Then using these two network sets, you
can create a point-to-point policy that passes protocol 89 packets in the clear.
traffic between two routers that need to exchange routing protocols. If the PEPs are encrypting all traffic,
the routers cannot see the information in the routing packets. To allow the routers to exchange routing
information create a clear policy for the routing protocol, for example OSPF (protocol 89). Create one
network set with a wildcarded network (0.0.0.0) that includes PEP 1 and PEP 2. Create a second network
set with a wildcarded network (0.0.0.0), but without any PEPs. Then using these two network sets, you
can create a point-to-point policy that passes protocol 89 packets in the clear.
IP address
Mask
30.25.11.0
255.255.255.0
30.24.3.0
255.255.255.0