Example scenario
Introduction |
This solution shows the linking of two locations by an IPSec connection in which the RIPv2 routing protocol is used to transmit the IP network areas configured in both locations. Using a routing protocol is particularly beneficial in the case of more complex network structures (more IP network areas), because changes in the network structure are automatically propagated to all the routers involved in the network via the routing protocol. The example that follows aims to explain the way it works.
The GUI is used to do the configuration.
Example scenario
In our example, an additional network is now to be added at Location A. With statically configured routing the result of this would be that the VPN gateway configuration at both locations would need to be changed. This is not the case if a routing protocol is used. In such cases, only the Location A VPN gateway needs to be configured. Specifically, the administrator only needs to configure the network on the LAN interface of the Location A VPN gateway. The routing protocol takes care of the rest.
The VPN gateways support the use of routing protocols, including in connection with IPSec connections. The following workshop aims to clarify this using a concrete example.
The following are required for the configuration:
A VPN gateway bintec RS353™ series at head office
A VPN gateway bintec RS123™ series at the field office
A boot image of Version 10.1.9 on both gateways
Both gateways require an independent connection to the Internet
| RS123 Location A (Field Office): | |
|---|---|
| System Name | RS123 field office 1 (used as local IPSec peer ID) |
| LAN IP address | 10.0.0.30 |
| LAN IP subnet mask | 255.255.255.224 |
| Public Internet IP address | 62.146.1.1 (a host name can also be used here) |
| Standard gateway IP address | 62.146.1.2 |
| Local IP address of the IPSec interface | 1.0.0.1 (Important: this IP address must be unique, i. e. may not be in the locations' LAN IP address range.) |
| RS353 Location B (Head Office): | |
|---|---|
| System Name | RS353 head office (used as local IPSec peer ID) |
| LAN IP address | 100.0.0.30 |
| LAN IP subnet mask | 255.255.255.224 |
| Public Internet IP address | 62.147.1.1 (a host name can also be used here) |
| Standard gateway IP address | 62.147.1.2 |
| Local IP address of the IPSec interface | 1.0.0.2 (Important: this IP address must be unique, i. e. may not be in the locations' LAN IP address range.) |
| Copyright© Version 08/2020 bintec elmeg GmbH |