L2F Case Study Overview




Introduction

This case study describes how one Internet service provider (ISP) plans, designs, and implements an access virtual private network (VPN) by using Layer 2 Forwarding (L2F) as the tunneling protocol. L2F forwards Point-to-Point Protocol (PPP) sessions from one router to another router across a shared network infrastructure.

This case study is primarily intended for network administrators and operations teams working for ISPs who provide access VPN services to enterprise customers. This case study is also useful to enterprise customers who want to establish access VPNs.

This access VPN:
- Enables remote employees to access the enterprise customer's intranet resources when and where they want to
- Allows the enterprise customer's networks to span from an intranet to remote clients who are connected to analog modems

Figure 6 shows an enterprise customer with a specific business objective. The enterprise customer wants to give 500 users dial-up modem access to intranet resources through the public switched telephone network (PSTN). To do this, the enterprise customer contracts with an ISP who is responsible for the required dial hardware and wide-area network (WAN) services. The ISP and enterprise customer decide to use L2F, because it is a stable tunneling protocol supported by many vendors and client software applications.

[Figure 6: End-to-End Access VPN Solution. Labels: 500 users, PSTN, L2F tunnel, Internet service provider, Enterprise customer, Access VPN]

The ISP:
- Purchases, configures, and maintains the network access server (NAS). The NAS is the point-of-presence (POP) used to forward PPP sessions to the enterprise customer's network.
- Supports and maintains in-house modem pools.
- Maintains an authentication, authorization, and accounting (AAA) server that authenticates the IP tunnel endpoint and domain name assigned to the enterprise customer's home gateway.
- Maintains an edge router that connects the ISP's network to the enterprise customer's network.

The enterprise customer:
- Purchases, configures, and maintains a home gateway and clients.
- Authenticates and authorizes remote users' usernames and passwords by using a AAA server.

Note: This case study illustrates one example of a NAS-initiated access VPN. Networks containing clients who initiate encrypted IP tunnels to home gateways are called client-initiated access VPNs.

Figure 7 shows the specific network devices used to build the access VPN in this case study. The ISP is responsible for a Cisco AS500 network access server, an ACS UNIX server, and a Cisco 4500-M edge router. The enterprise customer is responsible for a Cisco 706 home gateway, an ACS NT server, and the remote clients using modems. The L2F tunnel runs between the Cisco AS500 and Cisco 706. The L2F tunnel is forwarded across a Frame Relay network.

[Figure 7: Access VPN Case Study Network Topology. Labels: ISP's network, ACS UNIX server, Enterprise customer's network, ACS NT server, Clients using modems, POTS lines, PSTN, 4 TI PRI lines, Cisco AS500 network access server, L2F tunnel, Ethernet, Cisco 4500-M edge router, Serial lines, Frame Relay data network, Cisco 706 home gateway]

Access VPN Solutions Using Tunneling Technology

This case study does not describe how to configure the edge router, the Frame Relay data network, or the serial interfaces on the home gateway. Although these components are shown in Figure 7, they are not critical in understanding how to build an access VPN solution and are outside the scope of this case study. For more information about how to configure Frame Relay and serial interfaces, refer to the Wide-Area Networking Configuration Guide for Cisco IOS Release.0.

See "Overview of Access VPNs and Tunneling Technologies" earlier in this document for an overview of access VPN solutions.

Device Characteristics

Table 4 provides a more detailed description of the hardware and software components used in the case study.

Table 4 Hardware and Software Used in the Case Study

NAS
  Chassis type: Cisco AS500
  Physical interfaces: Ethernet interface; 4 T PRI ports; 96 terminal lines
  Hardware components: Cisco AS500 network access server; 96 MICA modems, MICA CC and Quad T/PRI; T cable RJ45 to RJ45
  Software loaded: Cisco IOS Release.(7)AA; Cisco AS500 series IP
  Telephone number or username: 5550945

Home Gateway
  Chassis type: Cisco 706
  Physical interfaces: Fast Ethernet interface; 4 serial interfaces
  Hardware components: Cisco 706, 6-slot chassis, AC power supply; Cisco 700 series input/output controller with Fast Ethernet; Cisco 700 series network processing engine; 4-port serial port adapter, enhanced; V.5 cable, DTE, male, 0 feet
  Software loaded: Cisco IOS Release.0()T; Cisco 700 series IP
  Telephone number or username: N/A

ACS UNIX Server
  Chassis type: Sun workstation
  Physical interfaces: Ethernet interface
  Hardware components: Ethernet card
  Software loaded: ACS UNIX version..; Solaris.6
  Telephone number or username: N/A

ACS NT Server
  Chassis type: PC workstation
  Physical interfaces: Ethernet interface
  Hardware components: Ethernet card
  Software loaded: ACS NT version.; Windows NT 4.0
  Telephone number or username: N/A

Client
  Chassis type: PC laptop
  Physical interfaces: RJ- port
  Hardware components: internal modem
  Software loaded: Windows 95
  Telephone number or username: jeremy@hgw.com; password = subaru

Table 4 Hardware and Software Used in the Case Study (Continued)

NAS
  Memory: Cisco AS500 main DRAM upgrade (from MB to 64 MB); Cisco AS500 system Flash upgrade (from 8 MB to 6 MB); Cisco AS500 boot Flash upgrade (from 4 MB to 8 MB)
  Ethernet IP Address: 7..66. 55.55.55.9

Home Gateway
  Memory: Cisco 700 I/O PCMCIA Flash memory, 0 MB; Cisco 700 NPE 64 MB DRAM upgrade kit
  Ethernet IP Address: 7..66.5 55.55.55.9

ACS UNIX Server
  Memory: 8 MB RAM; 8 MB swap space
  Ethernet IP Address: 7..66.8 55.55.55.9

ACS NT Server
  Memory: 8 MB RAM
  Ethernet IP Address: 7..66. 55.55.55.9

Client
  Memory: 64 MB RAM
  Ethernet IP Address: 7.0..

Table 4 notes:
- Telephone number: This is the PRI telephone number assigned to the central site (NAS). The PRI number is often called the hunt group number, which distributes calls among the available B channels. Make sure your PRI provider assigns all four PRI trunks on the Cisco AS500 to this number.
- Client IP address: The home gateway dynamically assigns this IP address to the client in this case study.

Configuration Tasks

To build the access VPN in this case study, the ISP and enterprise customer must perform three major tasks:
- Configuring the NAS for Basic Dial Access
- Configuring the Access VPN to Work with Local AAA
- Configuring the Access VPN to Work with Remote AAA

Table 5 describes each task in more detail and identifies the devices related to each task.

A user named Jeremy with the username jeremy@hgw.com appears in many configurations, illustrations, and examples in this case study. The goal of the case study is to give Jeremy basic IP and modem services by forwarding his PPP session from the NAS to the home gateway. To help you understand how the various hardware and software components work together to forward the PPP session, follow Jeremy through the case study.

Note: If you use this document to configure your own network, be sure to substitute your own IP addresses, passwords, usernames, hostnames, and telephone numbers.

Table 5 Relationship Between Configuration Tasks and Devices

Task: Configuring the NAS for Basic Dial Access
  Description: Performed by the ISP.
  Devices: Remote clients using modems; POTS line; PSTN; 4 TI PRI lines; Cisco AS500

Task: Configuring the Access VPN to Work with Local AAA
  Description: Performed by the ISP and the enterprise customer.
  Devices: Cisco AS500; Cisco 4500-M edge router; Frame Relay data network; Serial lines; Cisco 706 home gateway

Task: Configuring the Access VPN to Work with Remote AAA
  Description: Performed by the ISP and the enterprise customer.
  Devices: ACS UNIX server; ACS NT server; Cisco AS500; Cisco 4500-M edge router; Frame Relay data network; Serial lines; Cisco 706 home gateway; LAN
