VPN - Vanguard Networks
VPN - Vanguard Networks
VPN - Vanguard Networks
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>VPN</strong> Applications<br />
<strong>VPN</strong> Applications<br />
Tunneling and<br />
Address<br />
Translation<br />
Figure 1-1 shows a network diagram of a company that has three sites (A, B, <br />
and C) connected to the Internet. The Internet has assigned 15.0.1.2 to Site A,<br />
17.0.1.18 to Site B and 215.1.84.3 to Site C. The company is using 10.0.x.x as its<br />
private IP address space. Each site is given a distinct IP subnet address from<br />
10.0.x.x.<br />
• It is required that any host in any site (example H1) should be able to<br />
communicate with any host (example X1) in the Internet.<br />
• It is required that any host (example H1) should be able to communicate with<br />
any other host (example H2) in any of the company’s sites using the<br />
destination’s private address. i.e. H1 should be able to communicate with H2<br />
using H2’s private address 10.0.3.8.<br />
The above requirements can be met by using following solutions:<br />
• NAT can be enabled on the interfaces which are connected to the Internet.<br />
When the packet from H1 reaches R1 and is destined for X1, R1 translates the<br />
source address 10.0.1.5 to 15.0.1.2 and sends it to X1 and does destination<br />
address translation when a reply comes back from X1.<br />
• Three tunnels can be established between R1 to R2, R2 to R3 and R1 to R3.<br />
When a packet is sent from H1 to H2, the original packet is tunneled by<br />
appending a tunnel header and an IP header. The new IP header uses the<br />
public address 15.0.1.2 as source address and 215.1.84.3 as destination<br />
address. When the tunneled packet reaches R2, the packet is decapsulated and<br />
the original packet is sent to H2.<br />
Site A<br />
10.0.1.0<br />
R1<br />
15.0.1.2<br />
Internet<br />
17.0.1.18<br />
Site B<br />
10.0.2.0<br />
R3<br />
H1<br />
180.1.50.2 X1<br />
H3<br />
10.0.1.5 10.0.2.6<br />
Site C<br />
10.0.3.0<br />
215.1.84.3<br />
R2<br />
H2<br />
10.0.3.8<br />
Figure 1-1. Tunneling and Address Translation<br />
Virtual Private Network 1-3<br />
T0103-10, Revision L Release 7.3