Dell W-Series 334 Instant 6.4.3.1-4.2 User Guide - Page 226
Supported VPN Protocols
View all Dell W-Series 334 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 226 highlights
Supported VPN Protocols Instant support the following VPN protocols for remote access: Table 44: VPN Protocols VPN Protocol Description Dell IPsec IPsec is a protocol suite that secures IP communications by authenticating and encrypting each IP packet of a communication session. You can configure an IPsec tunnel to ensure that to ensure that the data flow between the networks is encrypted. However, you can configure a split-tunnel to encrypt only the corporate traffic. When IPsec is configured, ensure that you add the W-IAP MAC addresses to the whitelist database stored on the controller or an external server. IPsec supports Local, L2, and L3 modes of IAP-VPN operations. NOTE: The W-IAPs support IPsec only with Dell Controllers. Layer-2 (L2) GRE Generic Routing Encapsulation (GRE) is a tunnel protocol for encapsulating multicast, broadcast, and L2 packets between a GRE-capable device and an end-point. W-IAPs support the configuration of L2 GRE (Ethernet over GRE) tunnel with a Dell Controller to encapsulate the packets sent and received by the W-IAP. You can use the GRE configuration for L2 deployments when there is no encryption requirement between the W-IAP and controller for client traffic. W-IAPs support two types of GRE configuration: l Manual GRE-The manual GRE configuration sends unencrypted client traffic with an additional GRE header and does not support failover. When manual GRE is configured on the W-IAP, ensure that the GRE tunnel settings are enabled on the controller. l Dell GRE-With Dell GRE, no configuration on the controller is required except for adding the W-IAP MAC addresses to the whitelist database stored on the controller or an external server. Dell GRE reduces manual configuration when Per-AP tunnel configuration is required and supports failover between two GRE end-points. NOTE: W-IAPs support manual and Dell GRE configuration only for L2 mode of operations. Dell GRE configuration is supported only on Dell Controllerss. L2TP The Layer 2 Tunneling Protocol version 3 (L2TPv3) feature allows W-IAP to act as L2TP Access Concentrator (LAC) and tunnel all wireless clients L2 traffic from AP to L2TP Network Server (LNS). In a centralized L2 model, the VLAN on the corporate side are extended to remote branch sites. Wireless clients associated with W-IAP gets the IP address from the DHCP server running on LNS. For this, AP has to transparently allow DHCP transactions through the L2TPv3 tunnel. Configuring a Tunnel from a W-IAP to Dell Networking W-Series Mobility Controller W-IAP supports the configuration of tunneling protocols such as Generic Routing Encapsulation (GRE), IPsec, and L2TPv3. This section describes the procedure for configuring VPN host settings on a W-IAP to enable communication with a controller in a remote location: l Configuring an IPSec Tunnel on page 227 l Configuring an L2-GRE Tunnel on page 228 l Configuring an L2TPv3 Tunnel on page 231 226 | VPN Configuration Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | User Guide