P-79X Series User’s Guide
128
CHAPTER 13
VPN
13.1 Overview
A virtual private network (VPN) provides secure communications between sites without the expense
of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication,
access control and auditing. It is used to transport traffic over the Internet or any insecure network
that uses TCP/IP for communication.
Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for secure
data communications across a public network like the Internet. IPSec is built around a number of
standardized cryptographic techniques to provide confidentiality, data integrity and authentication
at the IP layer. The following figure is an example of an IPSec VPN tunnel.
Figure 74 VPN: Example
13.1.1 What You Can Do in the VPN Screens
•Use the Setup screen (Section 13.2 on page 130) to view the configured VPN policies and add,
edit or remove a VPN policy.
•Use the Monitor screen (Section 13.5 on page 138) to display and manage the current active
VPN connections.
13.1.2 What You Need to Know About IPSec VPN
A VPN tunnel is usually established in two phases. Each phase establishes a security association
(SA), a contract indicating what security parameters the P-79X and the remote IPSec router will
use. The first phase establishes an Internet Key Exchange (IKE) SA between the P-79X and remote
IPSec router. The second phase uses the IKE SA to securely establish an IPSec SA through which
the P-79X and remote IPSec router can send data between computers on the local network and
remote network. The following figure illustrates this.
To Next Page
Loading...
