Netgear fvs114 사용자 설명서
Reference Manual for the ProSafe VPN Firewall FVS114
Virtual Private Networking
C-7
202-10098-01, April 2005
VPN Process Overview
Even though IPSec is standards-based, each vendor has its own set of terms and procedures for
implementing the standard. Because of these differences, it may be a good idea to review some of
the terms and the generic processes for connecting two gateways before diving into to the
specifics.
implementing the standard. Because of these differences, it may be a good idea to review some of
the terms and the generic processes for connecting two gateways before diving into to the
specifics.
Network Interfaces and Addresses
The VPN gateway is aptly named because it functions as a “gatekeeper” for each of the computers
connected on the Local Area Network behind it.
connected on the Local Area Network behind it.
In most cases, each gateway will have a public facing address (WAN side) and a private facing
address (LAN side). These addresses are referred to as the network interface in documentation
regarding the construction of VPN communication.
address (LAN side). These addresses are referred to as the network interface in documentation
regarding the construction of VPN communication.
Interface Addressing
This example uses addresses provided the VPN Consortium. However, when you set up your own
equipment, you will be using addresses specific to the devices that you are attempting to connect
via IPSec VPN.
equipment, you will be using addresses specific to the devices that you are attempting to connect
via IPSec VPN.
Figure C-4: VPN Consortium example network interface addressing
Make sure the addresses do not overlap or conflict. That is, each set of addresses should be
separate and distinct.
separate and distinct.
Gateway A
22.23.24.25
14.15.16.17
10.5.6.0/24
172.23.9.0/24
172.23.9.1
10.5.6.1
WAN IP
WAN IP
LAN IP
LAN IP
Gateway B
VPN Consortium Example
Network Interface Addressing