
Avocent Access Router Cyclades-PR2000 User Manual


CHAPTER 14 VIRTUAL PRIVATE NETWORK CONFIGURATION

The Virtual Private Network utility can be used on any link using IP routing. It provides greater
security between two or more networks connected through a public communications network. The basic
concepts are presented in Figure 14.1. An IP datagram is sent by a device on the LAN and arrives
at the router. The router has two tables: one with all the IP addresses contained in the Local Security
Network, and another with all the IP addresses in the Remote Security Networks. If the source IP address
is contained in the Local Security Network list and the destination IP address is contained in the Remote
Security Network list, the message is encrypted and encapsulated. The only destination address in the
new header is that of the remote gateway (defined in the Remote Security Network list). Upon arrival at
the remote gateway, the packet is unwrapped and sent to its destination.

[Figure 14.1: a PC behind the Local Gateway and a PC behind the Remote Gateway (routers labelled PR3000 and PR4000), connected through the Public Network. The IP datagram sent by the user consists of a Header (Source IP Address, Destination IP Address, IP Options and Data) and a Message. The conversion performed by the router with Cyclades' VPN turns it into an Encrypted IP Datagram preceded by a Header with destination: remote security gateway IP Address. This converted form is shown both as sent by the local Gateway and as received by the remote Gateway, which restores the original Header and Message.]

FIGURE 14.1 CONVERSION PERFORMED BY CYCLADES’ VIRTUAL PRIVATE NETWORK UTILITY
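
The two-table test described in this chapter's introduction, written out as an added example (it is not code from the Cyclades manual or firmware). The table contents, gateway addresses, flows and function names are constructed for illustration; the sketch shows which flows the rule selects for encryption and which ones it leaves unselected.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed sample tables; the manual gives no addresses.
# Each remote security network is paired with the gateway that unwraps for it.
LOCAL_SECURITY_NETWORK = [ipaddress.ip_network("192.0.2.0/25")]
REMOTE_SECURITY_NETWORKS = [
    (ipaddress.ip_network("198.51.100.0/24"), ipaddress.ip_address("203.0.113.10")),
    (ipaddress.ip_network("10.20.0.0/16"), ipaddress.ip_address("203.0.113.20")),
]


class Decision(NamedTuple):
    convert: bool              # True: encrypt and encapsulate the datagram
    outer_dst: Optional[str]   # destination of the new header, if converted
    reason: str


def classify(src: str, dst: str) -> Decision:
    """Apply the two-table test to one datagram's source and destination."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if not any(s in net for net in LOCAL_SECURITY_NETWORK):
        return Decision(False, None, "source not in Local Security Network list")
    for net, gateway in REMOTE_SECURITY_NETWORKS:
        if d in net:
            # Only the gateway address is visible on the public network.
            return Decision(True, str(gateway), f"destination in {net}")
    return Decision(False, None, "destination not in Remote Security Network list")


def unprotected(flows):
    """Return (src, dst, reason) for every flow the rule does not select."""
    results = [(src, dst, classify(src, dst)) for src, dst in flows]
    return [(src, dst, dec.reason) for src, dst, dec in results if not dec.convert]


# Constructed flows: 192.0.2.200 is on the same LAN but outside the listed /25.
SAMPLE_FLOWS = [
    ("192.0.2.10", "198.51.100.7"),
    ("192.0.2.200", "198.51.100.7"),
    ("192.0.2.10", "10.20.5.5"),
    ("192.0.2.10", "198.51.101.7"),
]

if __name__ == "__main__":
    for src, dst in SAMPLE_FLOWS:
        print(src, "->", dst, classify(src, dst))
```

Running `unprotected()` over a list of expected site-to-site flows is a quick way to spot hosts or subnets that were left out of either list before relying on the tunnel.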