A VPN Tunnel is a secure site-to-site logical connection between multiple ePipe units. However, instead of traffic flowing across a point-to-point connection, the traffic is routed through the Internet. The ePipes are the VPN tunnel endpoints and data flowing through the tunnel is secured. Tunnel endpoints are identified on the Internet by each ePipes' IP address, as supplied by your ISP.
VPN tunnels based on bundles with multiple dialers or links use end-to-end bonding (E2B) and IPSec (IP Security) tunnel mode with ESP (Encapsulating Security Payload). ESP controls VPN Tunnel authentication and provides data privacy by selection of an encryption cipher (DES, 3DES, or Blowfish).
E2B tunnels provide TCP encapsulation in order for IPSec secured traffic to traverse Internet firewalls transparently.
Like dialers and links, each tunnel must be given a unique name for identification. Tunnel endpoints are also identified as client or server; for example, the central site ePipe would be configured as the tunnel server, and the remote sites would be clients.
Once the VPN Tunnel is configured, a Virtual Bundle is created that initiates the VPN connection. The Virtual Bundle can also have traffic filters applied to it using the same filtering mechanism as a Connection Bundle filter.
The Virtual Bundle filter helps limit traffic traversing the VPN tunnel which reduces congestion and prevents unauthorised information flow between locations.
For example, it's possible to allow intersite email to traverse the VPN, but prevent FTP (File Transfer Protocol) exchanges.
Copyright © 2002 ePipe Pty. Ltd. All rights reserved.