![Tp-Link TL-ER6020 Инструкция по эксплуатации онлайн [88/168] 39132](/img/pdf.png)
Tp-Link TL-ER6020 Инструкция по эксплуатации онлайн [88/168] 39132
![Tp-Link TL-ER6020 Инструкция по эксплуатации онлайн [88/168] 39132](/views2/1042336/page88/bg58.png)
-83-
3.5 VPN
VPN (Virtual Private Network) is a private network established via the public network, generally via the
Internet. However, the private network is a logical network without any physical network lines, so it is
called Virtual Private Network.
With the wide application of the Internet, more and more data are needed to be shared through the
Internet. Connecting the local network to the Internet directly, though can allow the data exchange, will
cause the private data to be exposed to all the users on the Internet. The VPN (Virtual Private Network)
technology is developed and used to establish the private network through the public network, which
can guarantee a secured data exchange.
VPN adopts the tunneling technology to establish a private connection between two endpoints. It is a
connection secured by encrypting the data and using point-to-point authentication. The following
diagram is a typical VPN topology.
Figure 3-57 VPN – Network Topology
As the packets are encapsulated and de-encapsulated in the Router, the tunneling topology
implemented by encapsulating packets is transparent to users. The tunneling protocols supported by
TL-ER6020 contain Layer 3 IPsec and Layer 2 L2TP/PPTP.
3.5.1 IKE
In the IPsec VPN, to ensure a secure communication, the two peers should encapsulate and
de-encapsulate the packets using the information both known. Therefore the two peers need to
negotiate a security key for communication with IKE (Internet Key Exchange) protocols.
Actually IKE is a hybrid protocol based on three underlying security protocols, ISAKMP (Internet
Security Association and Key Management Protocol), Oakley Key Determination Protocol, and
SKEME Security Key Exchange Protocol. ISAKMP provides a framework for Key Exchange and SA
(Security Association) negotiation. Oakley describes a series of key exchange modes. SKEME
describes another key exchange mode different from those described by Oakley.
IKE consists of two phases. Phase 1 is used to negotiate the parameters, key exchange algorithm and
encryption to establish an ISAKMP SA for securely exchanging more information in Phase 2. During
phase 2, the IKE peers use the ISAKMP SA established in Phase 1 to negotiate the parameters for
security protocols in IPsec and create IPsec SA to secure the transmission data.
Содержание
- Ce mark warning 2
- Copyright trademarks 2
- Fcc statement 2
- Contents 3
- Package contents 6
- Chapter 1 about this guide 7
- Conventions 7
- Intended readers 7
- Overview of this guide 7
- Chapter 2 introduction 9
- Overview of the router 9
- Features 10
- Appearance 11
- Front panel 11
- Rear panel 13
- Chapter 3 configuration 14
- Network 14
- Status 14
- System mode 14
- Dhcp client 36
- Dhcp reservation 36
- Mac address 39
- Statistics 41
- Switch 41
- Port mirror 42
- Rate control 44
- Port config 45
- Port status 46
- Port vlan 47
- User group 47
- Advanced 50
- Nat setup 50
- One to one nat 51
- Multi nets nat 52
- Virtual server 55
- Port triggering 57
- Traffic control 59
- Bandwidth control 61
- Session limit 63
- Configuration 64
- Load balance 64
- Session list 64
- Policy routing 65
- Link backup 66
- Protocol 68
- Routing 69
- Static route 69
- Route table 73
- Anti arp spoofing 74
- Firewall 74
- Ip mac binding 74
- Arp scanning 76
- Arp list 77
- Attack defense 77
- Mac filtering 79
- Access control 80
- Url filtering 80
- Access rules 82
- Web filtering 82
- Service 84
- App control 86
- Control rules 86
- Database 87
- Ike policy 89
- Ike proposal 91
- Ipsec policy 93
- Ipsec proposal 96
- Ipsec sa 98
- L2tp pptp 99
- L2tp pptp tunnel 99
- Ip address pool 102
- General 103
- List of l2tp pptp tunnel 103
- Pppoe server 103
- Services 103
- Ip address pool 105
- Account 106
- Exceptional ip 108
- E bulletin 109
- List of account 109
- Dynamic dns 111
- Dyndns 112
- Peanuthull 114
- Comexe 116
- Admin setup 118
- Administrator 118
- Maintenance 118
- Login parameter 119
- Remote management 120
- Export and import 121
- Factory defaults 121
- Management 121
- Reboot 122
- Firmware upgrade 123
- License 123
- Interface traffic statistics 124
- Statistics 124
- Ip traffic statistics 125
- Diagnostics 126
- Online detection 128
- Chapter 4 application 132
- Network requirements 132
- Configurations 133
- Configurations 4 configurations 133
- Internet setting 133
- Network topology 133
- Internet connection 134
- Link backup 134
- System mode 134
- Ipsec vpn 135
- Vpn setting 135
- Pptp vpn setting 139
- Network management 141
- User group 141
- App control 142
- Bandwidth control 143
- Network security 145
- Session limit 145
- Lan arp defense 146
- Wan arp defense 147
- Attack defense 148
- Traffic monitoring 148
- Chapter 5 cli 151
- Configuration 151
- Interface mode 154
- Online help 155
- Command introduction 157
- Ip mac 157
- History 160
- Appendix a hardware specifications 162
- Appendix b faq 163
- Appendix c glossary 165
Похожие устройства
- Panasonic KX-FP80 Инструкция по эксплуатации
- Sony HDR-XR106E Инструкция по эксплуатации
- Sony SF-16N4/T1 ET4 Инструкция по эксплуатации
- Tp-Link TL-R600VPN Инструкция по эксплуатации
- Toshiba GR-E311DTR Инструкция по эксплуатации
- Sony HDR-XR100E Инструкция по эксплуатации
- Tp-Link TL-R470T+ Инструкция по эксплуатации
- Panasonic NV-VP33 Инструкция по эксплуатации
- Sony HDR-SR8E Инструкция по эксплуатации
- Sony SF-32NX/T1 ET4 Инструкция по эксплуатации
- Tp-Link TL-R480T+ Инструкция по эксплуатации
- Sony HDR-SR7E Инструкция по эксплуатации
- Sony MRW68ED1 Инструкция по эксплуатации
- Tp-Link TL-ER5120 Инструкция по эксплуатации
- Hotpoint-Ariston AQGD 149 S Инструкция по эксплуатации
- Sony HDR-SR5E Инструкция по эксплуатации
- Sony MRW62ES2171 Инструкция по эксплуатации
- Tp-Link TL-R402M Инструкция по эксплуатации
- Panasonic TC-14F1 Инструкция по эксплуатации
- Sony HDR-SR1E Инструкция по эксплуатации
Скачать
Случайные обсуждения