This section will explain how to take the network configurations looked at in sections #10.4# and #10.5# and use them together.
10.7.1 Using LAN-to-LAN Communication and Remote Access Together
In section #10.5# you read about a LAN-to-LAN VPN which was set up with VPN Server installed on the main LAN and VPN Bridge installed on the sub-LANs. The VPN Server installed on the main LAN for this type of network configuration can also receive VPN connection requests from VPN Clients. This means that it can be the VPN Server for the LAN-to-LAN VPN and the VPN Server for a remote access VPN at the same time.
The figure below illustrates what it would look like if a user at a remote location (such as from a hotel on a business trip) made a remote access VPN connection to the VPN Server on the main LAN (Tokyo).
An Example of How to Use a LAN-to-LAN Network and Remote Access Together.
In this example, two VPN Client equipped laptop computers are making a direct connection to the Virtual Hub on the VPN Server in Tokyo via the Internet. In this configuration the Tokyo LAN and the Osaka LAN are connected as a layer 2 segment. Computers on both networks can freely communicate with each other. Also, the VPN Clients logged in to the VPN Server will join that same layer 2 segment and will be able to freely communicate with computers on both networks as well.
By using this method you can utilize a single VPN Server to provide both remote access and LAN-to-LAN VPN services.
10.7.2 Calculating the Number of Required Licenses
To calculate the number of licenses required for this VPN configuration, we simply add two client connection licenses to the licenses required to build the simple LAN-to-LAN VPN from section #10.5#. Thus, the required product licenses and connection licenses are as shown below.
- VPN Server Standard Edition License x 1
- VPN Server Client Connect License (1 Client) x 2
- VPN Server Bridge Connect License (1 Site) x 1
Please refer to section #1.3# for more information about the licensing system.
10.7.3 Supplementary Information
Of course, it is also possible to use remote access in conjunction with a LAN-to-LAN VPN that utilizes IP routing such as the one described in section #10.6#. In this situation you can decide which layer 2 segment to join depending on which Virtual Hub you connect to.
Also, if you install VPN Server on both networks of the VPN, the VPN Client can make a direct connection to the VPN through the Internet by connecting to either one of the VPN Servers. This is useful if, for example, a user wants to connect to the fileserver on the Osaka LAN. By using this method the user can connect directly to the Osaka LAN without going through the Tokyo LAN, which means faster transfer speeds. In this situation you would need an additional VPN Server product license in order to install another VPN Server on the LAN in Osaka.
