Enterasys Networks Security Router X-PeditionTM User Manual

Page 24

Advertising

background image

xxii

ADSL Hardware ..................................................................................................................................... 13-5

NIM Card .......................................................................................................................................... 13-5
ADSL on the Motherboard................................................................................................................ 13-6
DSP Firmware .................................................................................................................................. 13-6

ADSL Data Framing ............................................................................................................................... 13-6
ATM Support .......................................................................................................................................... 13-6

Virtual Circuits .................................................................................................................................. 13-6
OAM Cells ........................................................................................................................................ 13-7
Performance Monitoring ................................................................................................................... 13-7
Class of Service................................................................................................................................ 13-7

DSLAM Compatibility ............................................................................................................................. 13-7
Access Concentrator Restrictions .......................................................................................................... 13-7
Inverse ARP ........................................................................................................................................... 13-8
QoS ........................................................................................................................................................ 13-8
SNMP ..................................................................................................................................................... 13-8

Configuration Examples ............................................................................................................................... 13-8

PPPoE .............................................................................................................................................. 13-8
PPPoA .............................................................................................................................................. 13-9
IPoA................................................................................................................................................ 13-10

Chapter 14: Configuring the Virtual Private Network

VPN Overview .............................................................................................................................................. 14-1

Internet Security Issues .......................................................................................................................... 14-1
How a Virtual Private Network Works .................................................................................................... 14-2

Ensuring VPN Security with IPSec/IKE/GRE ............................................................................................... 14-2

GRE over IPSec ..................................................................................................................................... 14-4
Defining VPN Encryption ........................................................................................................................ 14-5

Describing Public-Key Infrastructure (PKI) ................................................................................................... 14-5

Digital Signatures ................................................................................................................................... 14-5
Certificates ............................................................................................................................................. 14-6
Machine Certificates for the XSR ........................................................................................................... 14-6
CA Hierarchies ....................................................................................................................................... 14-7
Certificate Chains ................................................................................................................................... 14-7
RA Mode ................................................................................................................................................ 14-8
Pending Mode ........................................................................................................................................ 14-9
Enroll Password ..................................................................................................................................... 14-9
CRL Retrieval ......................................................................................................................................... 14-9
Renewing and Revoking Certificates ..................................................................................................... 14-9

DF Bit Functionality ...................................................................................................................................... 14-9
VPN Applications ........................................................................................................................................ 14-10

Site-to-Site Networks ........................................................................................................................... 14-11
Site-to-Central-Site Networks ............................................................................................................... 14-11

NAT Traversal ................................................................................................................................ 14-11
Client Mode .................................................................................................................................... 14-12
Network Extension Mode (NEM) .................................................................................................... 14-13

Remote Access Networks .................................................................................................................... 14-13
Using OSPF Over a VPN Network ....................................................................................................... 14-14

OSPF Commands .......................................................................................................................... 14-14
Configuring OSPF Over Site-to-Central Site in Client Mode .......................................................... 14-14
Configuring OSPF over Site-to-Central Site in Network Extension Mode ...................................... 14-16
Server ............................................................................................................................................. 14-17
Client .............................................................................................................................................. 14-17
Configuring OSPF with Fail Over (Redundancy)............................................................................ 14-17

Advertising