Summary (3.6)
Class Activity 3.6.1.1: VPN Planning Design
Your small- to medium-sized business has received quite a few new contracts lately. This circumstance has increased the need for teleworkers and workload outsourcing. The new contract vendors and clients will also need access to your network as the projects progress.
As network administrator for the business, you recognize that VPNs must be incorporated as a part of your network strategy to support secure access by the teleworkers, employees, and vendors or clients.
To prepare for implementation of VPNs on the network, you devise a planning checklist to bring to the next department meeting for discussion.
Packet Tracer 3.6.1.2: Skills Integration Challenge
In this skills integration challenge, the XYZ Corporation uses a combination of eBGP, PPP, and GRE WAN connections. Other technologies include DHCP, default routing, OSPF for IPv4, and SSH configurations.
Lab 3.6.1.3: Configure a Branch Connection
In this lab, you configure two separate WAN connections: a BGP route over a PPPoE connection and a BGP route over a GRE tunnel. This lab is a test-case scenario and does not represent a realistic BGP implementation.
Part 1: Build the Network and Load Device Configurations
Part 2: Configure a PPPoE Client Connection
Part 3: Configure a GRE Tunnel
Part 4: Configure BGP over PPPoE and BGP over a GRE Tunnel
Broadband transmission is provided by a wide range of technologies, including DSL, fiber-to-the-home, coaxial cable systems, wireless, and satellite. This transmission requires additional components at the home end and at the corporate end. Broadband wireless solutions include municipal Wi-Fi, cellular/mobile, and satellite Internet. Municipal Wi-Fi mesh networks are not widely deployed. Cellular/mobile coverage can be limited and bandwidth can be an issue. Satellite Internet is relatively expensive and limited, but it may be the only method to provide access.
If multiple broadband connections are available to a particular location, a cost-benefit analysis should be performed to determine the best solution. The best solution may be to connect to multiple service providers to provide redundancy and reliability.
PPPoE is a popular data link protocol for connecting remote networks to their ISPs. PPPoE provides the flexibility of PPP and the convenience of Ethernet.
VPNs are used to create a secure end-to-end private network connection over a third-party network, such as the Internet. GRE is a basic, nonsecure site-to-site VPN tunneling protocol that can encapsulate a wide variety of protocol packet types inside IP tunnels, thus allowing an organization to deliver other protocols through an IP-based WAN. Today it is primarily used to deliver IP multicast traffic or IPv6 traffic over an IPv4 unicast-only connection.
BGP is the routing protocol implemented between autonomous systems. Three basic design options for eBGP are as follows:
The ISP advertises a default route only to the customer.
The ISP advertises a default route and all its routes to the customer.
The ISP advertises all Internet routes to the customer.
Implementing eBGP in a single-homed network requires only a few commands.