|
|
This chapter provides an overview of the business scenarios covered in this guide, items you should consider before attempting to configure a Virtual Private Network (VPN) on your Cisco 7100 series router, and the assumptions this guide makes.
This chapter includes the following sections:
The intranet and extranet scenarios explained in this guide provide a remote office and a business partner access to a corporate headquarters network through secure generic routing encapsulation (GRE) or IP Security Protocol (IPSec) tunnels. The remote access scenario provides a remote user access to a corporate headquarters network through secure IPSec, Point-to-Point Tunneling Protocol (PPTP), or Layer 2 Tunnel Protocol (L2TP) tunnels. (See Figure 2-1.)
![]() |
Note For detailed information on configuring network access server (NAS)-initiated access VPNs using the Layer 2 Forwarding (L2F) tunneling protocol, refer to the Access VPN Solutions Using Tunneling Technology publication. |
In each scenario, a tunnel is constructed, encryption is applied on the tunnel, and different traffic types (for example, IP, User Datagram Protocol [UDP], and Transmission Control Protocol [TCP]) are either permitted or denied access to the tunnel. This controls the level of access the remote office and business partner have to the corporate intranet and secures the data exchanged between the sites.
The intranet VPN business scenario explained in "Intranet and Extranet VPN Business Scenarios" links the corporate headquarters to a remote office using connections across the Internet. Users in the remote office are able to access resources as if they were part of the private corporate intranet.
The extranet VPN business scenario explained in "Intranet and Extranet VPN Business Scenarios" builds on the VPN scenario by linking the same corporate headquarters to a business partner using connections across the Internet; however, the business partner is given limited access to the headquarters network---the business partner can access only the headquarters' public Web server.
The remote access VPN business scenario, explained in "Remote Access VPN Business Scenario" provides a remote user access to the corporate headquarters network through a secure IPSec, PPTP, or L2TP tunnel that is initiated by the remote user running VPN client software on a PC. In this scenario, the user can access the corporate network remotely.
![]() |
Note Although supported by Cisco 7100 series routers, this guide does not explain how to configure your router for use with the Cisco Secure VPN Client. For detailed information on client-initiated VPNs using Cisco Secure VPN Client software, refer to the Cisco Secure VPN Client Solutions Guide publication. If you have an account on Cisco Connection Online (CCO), you can access the Cisco Secure VPN Client Solutions Guide publication from CCO by logging on and selecting Technical Documents: Cisco Product Documentation: Internet Service Unit (ISU) Documentation: Cisco Secure VPN Client: Cisco Secure VPN Client Solutions Guide. |
The following are considerations to observe when configuring a VPN on your Cisco 7100 series router:
This guide assumes the following:
![]() |
Note The scenarios in this guide do not explain how to configure CA interoperability on your Cisco 7100 series router. For detailed configuration information on CA interoperability, refer to the "Configuring Certification Authority Interoperability" chapter in the Security Configuration Guide. |
![]() |
Note For advanced firewall configuration information, refer to the "Traffic Filtering and Firewalls" part of the Security Configuration Guide. |
![]()
![]()
![]()
![]()
![]()
![]()
![]()
Posted: Thu Jun 29 13:39:43 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.