2 tunneling using ppp, 3 tunneling using gre, Fig. 32.1 – Westermo RedFox Series User Manual
Page 749
Westermo OS Management Guide
Version 4.17.0-0
GW
Remote
PC
Central office network
Branch office network
Home
Central Office
Branch Office
Road−warrior
Internet
Secure
tunnels
GW
Remote
Figure 32.1: IPsec VPN tunnels can be used to securely connect hosts and net-
works over the Internet.
Both IPsec and SSL VPNs offer high level security. SSL VPNs are commonly con-
sidered easier to configure, and is often preferred to setup VPNs through firewalls
managed by an external organisation. In other situations IPsec is the only choice,
as it may be mandated by the customers.
Both SSL and IPsec VPNs are able to carry encrypted IP traffic. The WeOS SSL VPN
is also able to carry encrypted Ethernet traffic, however, as of WeOS v4.17.0 this
traffic can be routed but not bridged. Support for bridged SSL VPNs is planned,
but not yet supported. IPsec VPNs are further described in
and SSL
VPNs are covered in
32.2
Tunneling using PPP
WeOS supports PPP over serial ports (as PPP client and server), and PPP over
Ethernet (PPPoE) as client. PPP support is further described in
32.3
Tunneling using GRE
WeOS provides support for GRE tunnels (IP over GRE), which is useful in scenarios
IPsec VPNs and OSPF are used to provide secure and redundant connectivity
between branch offices and a central office. WeOS GRE support is covered in
➞ 2015 Westermo Teleindustri AB
749