Справочник Пользователя для Netopia 4753 2a4na
Virtual Private Networks (VPNs) 12-3
In either case, the Netopia Router wraps, or encapsulates, information that one end of the tunnel
exchanges with the other, in a wrapper called General Routing Encapsulation (GRE), at one end of the
tunnel, and unwraps, or decapsulates, it at the other end.
exchanges with the other, in a wrapper called General Routing Encapsulation (GRE), at one end of the
tunnel, and unwraps, or decapsulates, it at the other end.
■
IPsec stands for IP Security, a set of protocols that suppor ts secure exchange of IP packets at the IP layer.
IPsec is deployed widely to implement Vir tual Private Networks (VPNs). IPsec suppor ts two encr yption
modes: Transpor t and Tunnel. Transpor t mode encr ypts only the data por tion (payload) of each packet, but
leaves the header untouched. The more secure Tunnel mode encr ypts both the header and the payload. On
the receiving side, an IPsec-compliant device decr ypts each packet. The Netopia 4753 suppor ts the more
secure Tunnel mode.
IPsec is deployed widely to implement Vir tual Private Networks (VPNs). IPsec suppor ts two encr yption
modes: Transpor t and Tunnel. Transpor t mode encr ypts only the data por tion (payload) of each packet, but
leaves the header untouched. The more secure Tunnel mode encr ypts both the header and the payload. On
the receiving side, an IPsec-compliant device decr ypts each packet. The Netopia 4753 suppor ts the more
secure Tunnel mode.
DES stands for Data Encr yption Standard, a popular symmetric-key encr yption method. DES uses a 56-bit
key. The Netopia 4753 offers IPsec DES encr yption over the VPN tunnel.
key. The Netopia 4753 offers IPsec DES encr yption over the VPN tunnel.
Configuring the Netopia Router for use with the different protocols is done through the console-based menu
screens. Each type is described in its own section:
screens. Each type is described in its own section:
■
■
■
Your configuration depends on which protocol you (and the router at the other end of your tunnel) will use, and
whether or not you will be using the VPN client software in a standalone remote connection.
whether or not you will be using the VPN client software in a standalone remote connection.
Having both an ATMP tunnel and a PPTP expor t is not possible because functions require GRE and the router’s
PPTP expor t/ser ver does not distinguish the GRE packets it for wards. Since it processes all of them, ATMP
tunneling is impaired. For example, you cannot run an ATMP tunnel between two routers and also have PPTP
expor ted on one side.
PPTP expor t/ser ver does not distinguish the GRE packets it for wards. Since it processes all of them, ATMP
tunneling is impaired. For example, you cannot run an ATMP tunnel between two routers and also have PPTP
expor ted on one side.
Summary
A Vir tual Private Network (VPN) connects the components of one network over another network. VPNs
accomplish this by allowing you to tunnel through the Internet or another public network in a manner that
provides the same security and features formerly available only in private networks.
accomplish this by allowing you to tunnel through the Internet or another public network in a manner that
provides the same security and features formerly available only in private networks.
VPNs allow networks to communicate across an IP network. Your local networks (connected to the Netopia
Router) can exchange data with remote networks that are also connected to a VPN-capable router.
Router) can exchange data with remote networks that are also connected to a VPN-capable router.
This feature provides individuals at home, on the road, or in branch offices with a cost-effective and secure way
to access resources on remote LANs connected to the Internet with Netopia Routers. The feature is built
around three key technologies: PPTP, IPsec, and ATMP.
to access resources on remote LANs connected to the Internet with Netopia Routers. The feature is built
around three key technologies: PPTP, IPsec, and ATMP.
About PPTP Tunnels
To set up a PPTP tunnel, you create a Connection Profile including the IP address and other relevant information
for the remote PPTP par tner. You use the same procedure to initiate a PPTP tunnel that terminates at a remote
PPTP ser ver or to terminate a tunnel initiated by a remote PPTP client.
for the remote PPTP par tner. You use the same procedure to initiate a PPTP tunnel that terminates at a remote
PPTP ser ver or to terminate a tunnel initiated by a remote PPTP client.