Interfaces, One-armed configuration, Two-armed configuration – Nortel Networks NN46120-104 User Manual

Two-Armed Configuration

39

Interfaces

During the initial setup procedure (see

“Configuration at Boot Up” (page

41)

), you will be asked if you want to set up a one-armed configuration or

a two-armed configuration.

One-Armed Configuration

In a one-armed configuration, only one interface is configured. It acts as
both a public interface (facing the Internet) and a private interface (facing
the intranet).

The interface (Interface 1) on the SSL VPN will handle public traffic, that
is, client traffic from and to the Internet, as well as private traffic, that is,
connecting the SSL VPN to internal resources and configuring the SSL
VPN from a management station.

Figure 1
One-Armed Configuration without Application Switch

Two-Armed Configuration

In a two-armed configuration, two separate interfaces are configured on
the VPN Gateway.

Interface 1 will handle private traffic (between the SSL VPN and the
trusted intranet), that is, connecting the SSL VPN to internal resources and
configuring the SSL VPN from a management station.

Interface 2 will handle public traffic, that is, client traffic from and to the
Internet.

A two-armed configuration is considered more secure.

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.