Dell W-Series 324 Instant 6.5.1.0-4.3.1.0 User Guide - Page 238
IAP-VPN Deployment, Understanding IAP-VPN Architecture
View all Dell W-Series 324 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 238 highlights
Chapter 19 IAP-VPN Deployment This section provides the following information: l Understanding IAP-VPN Architecture on page 238 l Configuring W-IAP and Controller for IAP-VPN Operations on page 241 Understanding IAP-VPN Architecture The IAP-VPN architecture includes the following two components: l W-IAPs at branch sites l Controller at the datacenter The master W-IAP at the branch site acts as the VPN endpoint and the controller at the datacenter acts as the VPN concentrator. When a W-IAP is set up for VPN, it forms an IPsec tunnel to the controller to secure sensitive corporate data. IPsec authentication and authorization between the controller and the W-IAPs are based on the RAP whitelist configured on the controller. Only the master W-IAP in a W-IAP cluster forms the VPN tunnel. From the controller perspective, the master W-IAPs that form the VPN tunnel are considered as VPN clients. The controller terminates VPN tunnels and routes or switches the VPN traffic. The W-IAP cluster creates an IPsec or GRE VPN tunnel from the VC to a Mobility Controller in a branch office. The controller only acts as an IPsec or GRE VPN endpoint and it does not configure the W-IAP. IAP-VPN Scalability Limits The controller scalability in IAP-VPN architecture depends on factors such as IPsec tunnel limit, Branch ID limit, and datapath route table limit. The following table provides the IAP-VPN scalability information for various controller platforms: Table 50: IAP-VPN Scalability Platforms Branches Routes L3 Mode Users NAT Users Total L2 Users W-3200 1000 1000 64,000 W-3400 2000 2000 64,000 W-3600 8000 8000 64,000 W-6000M3 8000 8000 64,000 W-7210 8000 8000 64,000 W-7220 W-7240 16,000 32,000 16,000 32,000 N/A N/A 128,000 128,000 Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide IAP-VPN Deployment | 238