TCP/IP Protocol Suite 1 Upon completion you will be able to: Virtual Private Networks and Virtual Private Networks and Network Address Translation Network Address Translation • Understand the difference between an internet and an extranet • Understand private, hybrid, and virtual private networks • Understand how VPN can guarantee privacy • Understand the mechanism of NAT Objectives
TCP/IP Protocol Suite 1 Upon completion you will be able to: Virtual Private Networks and Network Address Translation Understand the difference between.
Dec 20, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
TCP/IP Protocol Suite 1
Upon completion you will be able to:
Virtual Private Networks andVirtual Private Networks andNetwork Address Translation Network Address Translation
• Understand the difference between an internet and an extranet• Understand private, hybrid, and virtual private networks• Understand how VPN can guarantee privacy• Understand the mechanism of NAT
Objectives
TCP/IP Protocol Suite 2
26.1 PRIVATE NETWORKS
A private network is designed to be used only inside an organization. It A private network is designed to be used only inside an organization. It allows access to shared resources and, at the same time, provides allows access to shared resources and, at the same time, provides privacy.privacy.
The topics discussed in this section include:The topics discussed in this section include:
Intranet Intranet Extranet Extranet Addressing Addressing
TCP/IP Protocol Suite 3
Table 26.1 Table 26.1 Addresses for private networksAddresses for private networks
TCP/IP Protocol Suite 4
26.2 VIRTUAL PRIVATE NETWORKS (VPN)
Virtual private network (VPN) is a technology for large organizations Virtual private network (VPN) is a technology for large organizations that use the global Internet for both intra- and interorganization that use the global Internet for both intra- and interorganization communication, but require privacy in their intraorganization communication, but require privacy in their intraorganization communication. communication.
The topics discussed in this section include:The topics discussed in this section include:
Achieving Privacy Achieving Privacy VPN Technology VPN Technology
TCP/IP Protocol Suite 5
Figure 26.1 Private network
TCP/IP Protocol Suite 6
Figure 26.2 Hybrid network
TCP/IP Protocol Suite 7
Figure 26.3 Virtual private network
TCP/IP Protocol Suite 8
Virtual private network
A typical VPN might have a main LAN at the corporate headquarters of a company, other LANs at remote offices or facilities and individual users connecting from out in the field.
TCP/IP Protocol Suite 9
VPN Types:
•Remote Access VPN
•Intranet VPN
•Extranet VPN
TCP/IP Protocol Suite 10
Remote-Access VPN Remote-Access VPN also called a virtual
private dial-up network (VPDN), is a user-to-LAN connection used by a company that has employees who need to connect to the private network from various remote locations.
Intranet-based - If a company has one or more remote locations that they wish to join in a single private network, they can create an intranet VPN to connect LAN to LAN.
Extranet-based - When a company has a close relationship with another company (for example, a partner, supplier or customer), they can build an extranet VPN that connects LAN to LAN, and that allows all of the various companies to work in a shared environment.
TCP/IP Protocol Suite 11
Figure 26.4 Tunneling
tunneling is the process of placing an entire packet within another packet and sending it over a network. You can place a packet that uses a protocol not supported on the Internet (such as NetBeui) inside an IP packet and send it safely over the Internet. Or you could put a packet that uses a private (non-routable) IP address inside a packet that uses a globally unique IP address to extend a private network over the Internet.
TCP/IP Protocol Suite 12
Figure 26.5 Addressing in a VPN
TCP/IP Protocol Suite 13
26.3 NETWORK ADDRESS TRANSLATION (NAT)
Network address translation (NAT) allows a site to use a set of private Network address translation (NAT) allows a site to use a set of private addresses for internal communication and a set of global Internet addresses for internal communication and a set of global Internet addresses for communication with another site. The site must have only addresses for communication with another site. The site must have only one single connection to the global Internet through a router that runs one single connection to the global Internet through a router that runs NAT software.NAT software.
The topics discussed in this section include:The topics discussed in this section include:
Address Translation Address Translation Translation Table Translation Table NAT and ISP NAT and ISP
TCP/IP Protocol Suite 14
Figure 26.6 NAT
TCP/IP Protocol Suite 15
Figure 26.7 Address translation
TCP/IP Protocol Suite 16
Figure 26.8 Translation
TCP/IP Protocol Suite 17
Table 26.2 Table 26.2 Five-column translation tableFive-column translation table
TCP/IP Protocol Suite 18
Figure 26.9 An ISP and NAT
Related Documents
