14
Connecting Two Branch
Offices
Two sites can use a VPN tunnel to send and receive
secure business data over the Internet. The two sites
could be two branch offices, a remote worker and a
central office, a branch office and a central office, or
your site and a business partners site. For more
information, see the online documentation on the
Intel
®
Device View CD-ROM.
Connecting two branch offices with a VPN tunnel
enables both offices to share each others resources
securely. Using a VPN tunnel saves the cost of
dialing into a distant site; the only cost is that of
connecting to the local Internet service provider
(ISP).
In this example, the IP address on the local side is
dynamically assigned. Therefore, the Local User ID
identifies the branch office, rather than a permanent
external IP address. If the local router had a perma-
nent IP address, then you would not have to enter a
Local User ID. The IP address would identify the
branch office.
Table 3 shows the configuration parameters used in
the VPN Tunnel Wizard to create a tunnel for the
Branch Office to Branch Office example.
Note: The values for the parameters in Table 3 are
examples only; you must enter the values specific to
your network.
Firewalls and network address translation
If you are using firewall filters or network address
translation (NAT) on the LAN 2 port, the VPN
Tunnel Wizard modifies your settings to enable the
tunnel.
Connection to
Internet with dynamic
IP address
Branch Office 1
Local Network Address
192.168.1.0
Branch Office 2
Remote Network Address 175.123.45.0
7073
Internet
(ISP)
Permanent
connection to Internet with
a fixed IP address
Intel 8205 Router
®
®
IntelRouter
Status LAN WAN Link WAN Switch WAN Control Test Mode100 Mbps
Intel Router
®
®
Intel Router
Status LAN WAN Link WAN Switch WAN Control Test Mode100 Mbps
Fixed
IP address
175.123.45.1
xDSL/cable
modem
Figure 24. Example Branch Office to Branch Office
VPN Tunnel. A VPN tunnel between two remote offices.
Parameter Setting
Remote IP Address 175.123.45.1
Local User ID aradomsk23
Local Network Address 192.168.1.0
Local Network Mask 255.255.255.0
Remote Network Address 175.123.45.0
Remote Network Mask 255.255.255.0
Encryption Algorithm DES
Authentication Algorithm MD5
Re-keying Interval 1 Day
Table 3. Configuration Parameters. Settings used for
the Branch Office to Branch Office example when
configuring the VPN tunnel using the VPN Tunnel Wizard.
VPN Tunnel Example 2
A43586-001.p65 10/24/00, 10:44 AM14