Filter
Top Products
The Internet as an Alternative Internet-based WAN Backup Solutions using NetVanta
6 Copyright © 2005 ADTRAN, Inc. 61200890L1-29.4A
Solution 2 - Primary = Frame Relay Service Provider, Alternate = ISP via
PPPoE/DSL-Cable
In this scenario (see Figure 2), a Frame Relay service provider supplies the Frame Relay access line and
virtual circuit that connects a NetVanta remote site directly to the central site. Since this link is entirely
over a provider's Frame Relay network, no firewall or VPN is required to protect the customer's network.
The central site has a protected Internet connection and an IPSec VPN gateway for Internet-based access to
the central site network. The remote site also has a PPPoE over DSL or cable modem to a local ISP. This
connection is always on and is used for local Internet access (if the corporate security policy allows such
connectivity) while providing an alternate path to the central site. This link is protected by the NetVanta
firewall. Should the NetVanta's Frame Relay link fail, an IPSec VPN connection is established over the
PPPoE connection across the Internet to the central site's VPN gateway, re-establishing connectivity
between the two sites. The NetVanta uses its stateful inspection firewall to protect the PPPoE connection to
the Internet.
Figure 2. Primary WAN Connectivity via Frame Relay Service Provider, Backup Connectivity via
IPsec VPN over PPPoE/DSL-Cable ISP Connection
Remote NetVanta Router Configuration:
!
hostname "NV_Remote"
!
ip routing
!
ip firewall
!
ip crypto
!
crypto ike policy 100
initiate aggressive
no respond
10.254.255.25/28
10.254.255.85/28
10.254.255.26/28
10.1.1.240/24
172.31.4.0/24