10.5 Build a LAN-to-LAN VPN (Using L2 Bridge)

Combined revision comparison

...

To build a LAN-to-LAN VPN you will need to utilize both local bridges (see section 3.6 Local Bridges) and cascade connections (3.4.11 Cascade Connection3.4 Virtual Hub Functions).

...

Because the VPN Server must receive incoming VPN connections from the VPN Bridges over the Internet, it must have a public IP address or be able to receive TCP/IP communication through NAT, a firewall, or a reverse proxy system as described in section 10.2.1 VPN Server Location10.2 Common Concepts and Knowledge. Please consult with your network administrator if you are unsure about any of these issues.

...

• As explained in detail in section 3.6.3 Preparing the Local Bridge network adapter3.6 Local Bridges, if possible, try to set aside network adapters strictly for local bridging when making your local bridge connection. We recommend that you do not use a protocol stack for your local bridge network adapters, and do not assign TCP/IP IP addresses to them.
• We also recommend that you use a high quality network adapter from a trusted maker for your local bridge connections. For more information please refer to 3.6.5 Supported Network Adapter Types3.6 Local Bridges and 3.6.6 Use of network adapters not supporting Promiscuous Mode.

...

• The multiple LANs that make up the LAN-to-LAN VPN will be logically connected as a single Ethernet network (broadcast domain segment) once they are connected via bridge connections. Thus, they will be able to communicate with each other as such. Therefore, computers will use the VPN to communicate between these networks exactly as if they were connected together as one big physical LAN.
• If there are DHCP servers running on the original LANs then once they are logically connected as a single segment it will be as if multiple DHCP servers are running on the same Ethernet network. As explained in section 10.2.9 Advice about Protocol Conflicts when Making a LAN-to-LAN Connection10.2 Common Concepts and Knowledge, this causes protocol conflicts and overall network instability.
• When dealing with LANs that already have a fairly large amount of computers on them, you may have to make some changes to the network layout when building them into a LAN-to-LAN VPN using only bridge connections. (Especially when each computer is being assigned a static IP address.) If you are dealing with multiple LANs made up of multiple IP networks, we recommend also using IP routing (explained in section 10.6 Build a LAN-to-LAN VPN (Using L3 IP Routing)) when setting up your LAN-to-LAN VPN.  

 

...

Other changes:

1. /body/p[8]/a[2]/@href: "mks://localhost/4-docs/1-manual/3/3.4" ⇒ "mks://localhost/4-docs/1-manual/3/3.4#3.4.11_Cascade_Connection_Functions"
2. /body/p[8]/a[2]/@title: "4-docs/1-manual/3/3.4" ⇒ "3.4.11 Cascade Connection Functions"
3. /body/p[25]/a/@href: "mks://localhost/4-docs/1-manual/A/10.2" ⇒ "mks://localhost/4-docs/1-manual/A/10.2#10.2.1_VPN_Server_Location"
4. /body/p[25]/a/@title: "4-docs/1-manual/A/10.2" ⇒ "10.2.1 VPN Server Location"
5. /body/ul[3]/li/a/@href: "mks://localhost/4-docs/1-manual/3/3.6" ⇒ "mks://localhost/4-docs/1-manual/3/3.6#3.6.3_Preparing_the_Local_Bridge_network_adapter"
6. /body/ul[3]/li/a/@title: "4-docs/1-manual/3/3.6" ⇒ "3.6.3 Preparing the Local Bridge network adapter"
7. /body/ul[3]/li[2]/a/@href: "mks://localhost/4-docs/1-manual/3/3.6" ⇒ "mks://localhost/4-docs/1-manual/3/3.6#3.6.5_Supported_Network_Adapter_Types"
8. /body/ul[3]/li[2]/a/@title: "4-docs/1-manual/3/3.6" ⇒ "3.6.5 Supported Network Adapter Types"
9. /body/ul[4]/li[2]/a/@href: "mks://localhost/4-docs/1-manual/A/10.2" ⇒ "mks://localhost/4-docs/1-manual/A/10.2#10.2.9_Advice_about_Protocol_Conflicts_when_Making_a_LAN-to-LAN_Connection"
10. /body/ul[4]/li[2]/a/@title: "4-docs/1-manual/A/10.2" ⇒ "10.2.9 Advice about Protocol Conflicts when Making a LAN-to-LAN Connection"