VPN 3000 CONCENTRATOR ADVANCED FEATURES

  1. Rules are created and applied to a filter. The concentrator performs top-down testing of the conditions to the rules. If the criterion matches, then the rest of the rules in the filter are not processed. In cases where there is not a rule match, the concentrator performs the default action that is defined in the filter.

  2. Filters are applied to interfaces, users/groups, and LAN-to-LAN tunnels.

  3. The VPN Concentrator is capable of dynamic routing with OSPF, RIP, and manual static routing.

  4. Concentrator redundancy is performed with the Virtual Router Redundancy Protocol (VRRP). When a concentrator fails, LAN-to-LAN sessions are automatically recovered; however, remote access tunnels need to reconnect.

  5. Concentrator load balancing uses the VCA protocol to report utilization to the cluster master. The master sends IKE redirects to connecting clients, telling them the IP of the concentrator with less load capacity.

  6. Reverse route injection (RRI) is a method to populate the concentrator's routing table with connected networks to distribute those network via RIP or OSPF routing update to downstream devices.

  7. Bandwidth management for groups, interfaces, and LAN-to-LAN sessions can reserve a determined amount of bandwidth or police the tunnel to have a maximum bandwidth cap.

  8. LAN-to-LAN tunnels connect the concentrator's LAN to another concentrator, firewall, router, or other IPSec-compliant device. Network Autodiscovery uses RIP to discover the neighbors' networks automatically.

  9. PAT translates internal IP addresses to the concentrator's public interface IP address. In addition, you can define NAT rules for the concentrator if you are connecting to a LAN-to-LAN network that uses overlapping IP networks.

  10. VPN 3000 Concentrator can encapsulate IPSec messages in UDP or TCP when behind NAT or PAT devices. Ratified NAT-T (UDP port 4500) can also be enabled globally for the concentrator.



CSVPN Exam Cram 2 (Exam 642-511)
CCSP CSVPN Exam Cram 2 (Exam Cram 642-511)
ISBN: 078973026X
EAN: 2147483647
Year: 2002
Pages: 185

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net