beautypg.com

Vpn creation by connecting discontinuous subnets, Gre-ipsec tunnel application, Scope enlargement of a hop-limited protocol – H3C Technologies H3C SecPath F1000-E User Manual

Page 5

background image

4

Scope enlargement of a hop-limited protocol such as RIP

Figure 5 Network scope enlargement


When the hop count between two terminals exceeds 15, the terminals cannot communicate with each

other. Using GRE, you can hide some hops so as to enlarge the scope of the network.

VPN creation by connecting discontinuous subnets

Figure 6 Connect discontinuous subnets with a tunnel to form a VPN


In the example as shown in

Figure 6

, subnets Group 1 and Group 2 are deployed in different cities. They

can constitute a trans-WAN virtual private network (VPN) through the tunnel.

GRE-IPsec tunnel application

Figure 7 GRE-IPsec tunnel application

Internet

Corporate

intranet

Remote office

network

Device A

Device B

GRE tunnel

IPSec tunnel


GRE can work with IPsec, allowing data packets like routing protocol, voice, and video packets to be

encapsulated by GRE and then encrypted by IPsec to improve security of data transmission in a tunnel.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: