VPN difference between LAN-TO-LAN and remote access


whepin

Let's begin with a remote access VPN topology:
PC1-----VPN SERVER1-------INTERNET CLOUD-----MOBILE USER
Then the mobile user first dials into the Internet, and
connects to VPN SERVER1. VPN SERVER1 will assign an IP
address to it, then the mobile user can communicate with
the LAN PC, such as PC1.

But if the topology looks like this (LAN-TO-LAN):
PC1---VPN SERVER1----INTERNET-----VPN SERVER2----PC2
After the VPN connection is established, will VPN SERVER1
or 2 assign an IP address to the peer VPN device and PC1 or 2?
In other words, will VPN SERVER2 get another IP from VPN
SERVER1?

I am so confused. Who can tell me some details?
What's the function of PORTS (PPTP, L2TP) and DEMAND DIAL
INTERFACE? And what is the difference?

Thanks very much!
 
When a client makes a VPN connection to a server, it is allocated a
"virtual" IP address by the server, and it uses this address to communicate
with the server.

If you establish a LAN-to-LAN VPN connection, only the router/servers
acquire a "virtual" IP for the connection. Any clients in either LAN
communicate across the link using their normal LAN IP addresses. The
router/servers have routes to forward traffic for the "other" site across
the VPN link. Individual clients on the LAN are not aware of the VPN link
(except they will notice it is slower than Ethernet!)

The main function of demand-dial interfaces in LAN-to-LAN connections is
simply this. They act as a symbolic name for the connection. You can set up
a static route and use the demand-dial interface as its symbolic gateway.
The system will add the route at connection time and automatically set it to
use the VPN connection endpoint as the interface for the route. You do not
need to know or care what actual IP address is being used (unless you are
trying to read the routing table!)

PPTP and L2TP are the protocols which RRAS uses to set up VPN
connections. They are both tunnelling protocols which allow private data to
cross the public Internet encrypted and encapsulated. The private addressed
packet is first encrypted, then encapsulated inside an IP wrapper with a
public IP.
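
A small model of the LAN-to-LAN behaviour described in the reply above, added here as an illustration (it is not code from the thread or from RRAS). The interface name `ToSite2`, the class names and all addresses are constructed, and encryption is left out so that only the routing and encapsulation are shown.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Packet:
    src: str
    dst: str
    payload: object = None  # inner Packet when this is a tunnel wrapper

@dataclass
class VpnRouter:
    public_ip: str
    peers: dict = field(default_factory=dict)    # interface name -> peer public IP
    routes: dict = field(default_factory=dict)   # destination network -> interface name
    up: set = field(default_factory=set)         # interfaces currently connected

    def add_interface(self, name, peer_public_ip):
        self.peers[name] = peer_public_ip

    def add_static_route(self, prefix, interface):
        # The route names the interface, not an IP address.
        self.routes[ipaddress.ip_network(prefix)] = interface

    def forward(self, pkt):
        dst = ipaddress.ip_address(pkt.dst)
        matches = [net for net in self.routes if dst in net]
        if not matches:
            return None  # no route to the other site: not sent into the tunnel
        iface = self.routes[max(matches, key=lambda n: n.prefixlen)]
        self.up.add(iface)  # demand-dial: first matching packet brings the link up
        # Wrap the untouched private packet in an outer packet with public addresses.
        return Packet(self.public_ip, self.peers[iface], pkt)

    @staticmethod
    def receive(outer):
        return outer.payload  # unwrap; inner addresses are delivered unchanged

def demo():
    # Constructed addresses: RFC 1918 for the LANs, RFC 5737 for the "public" side.
    server1 = VpnRouter("203.0.113.1")
    server1.add_interface("ToSite2", "198.51.100.1")
    server1.add_static_route("192.168.2.0/24", "ToSite2")
    from_pc1 = Packet("192.168.1.10", "192.168.2.20", "hello PC2")
    outer = server1.forward(from_pc1)
    return outer, VpnRouter.receive(outer), server1

if __name__ == "__main__":
    outer, inner, _ = demo()
    print("on the Internet:", outer.src, "->", outer.dst)
    print("delivered to LAN:", inner.src, "->", inner.dst)
```

PC1 and PC2 appear only in the inner packet with their normal LAN addresses; the two VPN servers are the only hosts whose addresses appear on the Internet side.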
 