Configuring Multiple Virtual Private Networks

In this scenario, Acme Company has remote users and two remote offices that must have a secure connection to the company intranet. Acme has the following requirements:

• Use server-to-server Virtual Private Networks (VPNs)
• Allow client VPN dialing directly into the VPN server
• Allow client VPN dialing into an ISP and then connecting to a master VPN server
• Provide the router with a permanent connection to the Internet

The following Novell® BorderManager^TM components are used to implement this scenario, as shown in Figure 32:

• Packet filtering
• VPN server
• VPN client
• Access control

In addition, the remote access software component of NetWare® 4.11 and later versions must be used to implement this scenario.

NOTE:  In this scenario, on-demand links cannot be used, and a VPN server cannot be located behind NAT.

Figure 32
Multiple VPNs

To implement multiple VPNs, Acme Company must perform the following general sequence of steps:

1. Enable default packet filtering. This denies the default firewall filters, allowing VPN traffic while restricting other traffic.

   For more information and packet filtering configuration procedures, refer to the packet filtering online documentation.

2. Install and configure the remote access software on the master VPN server.

   More information about configuring these parameters is located in the NetWare 5^TM online documentation at the following path:

   Contents > Connectivity Services (under Network Services heading) > Remote Access Configuration

3. From the server console, install and configure the master VPN server.

   For more information and configuration procedures, refer to the VPN online documentation.

4. From the server console, install and configure the slave VPN server.

   For more information and configuration procedures, refer to the VPN online documentation.

5. Using NetWare Administrator, configure the master VPN server and the VPN slave server.

   For more information and configuration procedures, refer to the VPN online documentation.

6. Using NetWare Administrator, configure the VPN remote client.

   For more information and configuration procedures, refer to the VPN online documentation.

7. Using NetWare Administrator, enable and configure access control rules allowing users to use the VPN client.

   For more information and configuration procedures, refer to the access control online documentation.