No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Using IPSec VPN to Provide Secure Remote Access for Mobile Users

Using IPSec VPN to Provide Secure Remote Access for Mobile Users

In public places, such as hotels and airports, traveling staff or partners connect to the core network through an insecure access network or a public network such as the Internet to access internal resources of the core network. This process is called remote access. Security is a major concern in remote access. IPSec VPN can be deployed to establish an IPSec tunnel between a user terminal and the gateway of the core network. IPSec ensures secure and reliable data transmission.

As shown in Figure 5-25, mobile users (such as traveling staff) use built-in VPN dial-up software of Windows or other dial-up software to access the enterprise network. L2TP provides the user authentication function, but no encryption function. To ensure security, deploy L2TP over IPSec and set up an L2TP over IPSec tunnel between the PC and enterprise gateway Router. Packets are encapsulated using L2TP and then encrypted using IPSec before being transmitted, ensuring communication security.

Access users are authenticated locally or remotely by the authentication server (RADIUS server, for example) in the headquarters. After authentication is successful, Router assigns private IP addresses within the headquarters network to users (PCs or mobile terminals).

Figure 5-25  Remote access of mobile users using L2TP over IPSec

Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 150827

Downloads: 365

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next