Dell 6.2 Server User Manual


 
Dell PowerConnect W-Series ArubaOS 6.2 | User Guide Virtual Private Networks | 271
Chapter 18
Virtual Private Networks
Wireless networks can use virtual private network (VPN) connections to further secure wireless data from attackers.
The Dell controller can be used as a VPN concentrator that terminates all VPN connections from both wired and
wireless clients.
This chapter describes the following topics:
• "Planning a VPN Configuration" on page 271
• "Working with VPN Authentication Profiles" on page 274
• "Configuring a Basic VPN for L2TP/IPsec in the WebUI" on page 275
• "Configuring a VPN for L2TP/IPsec with IKEv2 in the WebUI" on page 279
• "Configuring a VPN for Smart Card Clients" on page 283
• "Configuring a VPN for Clients with User Passwords" on page 284
• "Configuring Remote Access VPNs for XAuth" on page 285
• "Working with Remote Access VPNs for PPTP" on page 287
• "Working with Site-to-Site VPNs" on page 288
• "Working with VPN Dialer" on page 293
Planning a VPN Configuration
You can configure the controller for the following types of VPNs:
• Remote access VPNs allow hosts (for example, telecommuters or traveling employees) to connect to private
  networks (for example, a corporate network) over the Internet. Each host must run VPN client software which
  encapsulates and encrypts traffic and sends it to a VPN gateway at the destination network. The controller
  supports the following remote access VPN protocols:
  ▪ Layer-2 Tunneling Protocol over IPsec (L2TP/IPsec)
  ▪ Point-to-Point Tunneling Protocol (PPTP)
  ▪ XAUTH IKE/IPsec
  ▪ IKEv2 with Certificates
  ▪ IKEv2 with EAP
• Site-to-site VPNs allow networks (for example, a branch office network) to connect to other networks (for
  example, a corporate network). Unlike a remote access VPN, hosts in a site-to-site VPN do not run VPN client
  software. All traffic for the other network is sent and received through a VPN gateway which encapsulates and
  encrypts the traffic.
Before enabling VPN authentication, you must configure the following:
• The default user role for authenticated VPN clients. See Roles and Policies on page 296 for information about
  configuring user roles.
• The authentication server group the controller uses to validate the clients. See Authentication Servers on page 168
  for configuration details.