Types Of VPN Tunnels?
Types of tunnels and the number of tunnels can be managed with the following features:
Permanent Tunnels
This feature keeps VPN tunnels active, allowing real-time monitoring.
Permanent Tunnels are constantly kept active and, as a result, make it easier to recognize malfunctions and connectivity problems. Administrators can monitor the two sides of a VPN tunnel and identify problems without delay.
Each VPN tunnel in the community may be set to be a Permanent Tunnel. Since Permanent Tunnels are constantly monitored, if the VPN tunnel is down, then a log, alert, or user-defined action can be issued. A VPN tunnel is monitored by periodically sending "tunnel test" packets. As long as responses to the packets are received, the VPN tunnel is considered "up." If no response is received within a given time period, the VPN tunnel is considered "down." Permanent Tunnels can only be established between Check Point Security Gateways. Permanent Tunnels are configured at the community level, and the setting:
- Can be specified for an entire community. This option sets every VPN tunnel in the community as permanent.
- Can be specified for a specific Security Gateway. Use this option to configure specific Security Gateways to have permanent tunnels.
- Can be specified for a single VPN tunnel. This feature allows configuring specific tunnels between specific Security Gateways as permanent.
VPN Tunnel Sharing
This feature provides greater interoperability and scalability between Security Gateways. It also controls the number of VPN tunnels created between peer Security Gateways.
Tunnel test is a proprietary Check Point protocol used to see if VPN tunnels are active. Tunnel testing requires two Security Gateways and uses UDP port 18234. Third-party gateways do not support tunnel testing.
VPN Tunnel Sharing provides interoperability and scalability by controlling the number of VPN tunnels created between peer Security Gateways. There are three available settings:
- One VPN tunnel per each pair of hosts
- One VPN tunnel per subnet pair
- One VPN tunnel per Security Gateway pair
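To show how the three settings affect tunnel count, the following added example (not from the original post and not Check Point code) counts the tunnels needed for the same traffic under each setting. It assumes a simplified model in which one tunnel exists per distinct host, subnet, or gateway pair that carries traffic; the gateway names, subnets and flows are constructed sample data.

```python
import ipaddress

# Constructed sample data: encryption domains behind two hypothetical gateways.
SITE_A_SUBNETS = ["10.1.1.0/24", "10.1.2.0/24"]                 # behind "gw-a"
SITE_B_SUBNETS = ["10.2.1.0/24", "10.2.2.0/24", "10.2.3.0/24"]  # behind "gw-b"

# Constructed flows: (host behind gw-a, host behind gw-b).
FLOWS = [
    ("10.1.1.10", "10.2.1.5"),
    ("10.1.1.10", "10.2.1.6"),
    ("10.1.1.11", "10.2.1.5"),
    ("10.1.2.20", "10.2.1.5"),
    ("10.1.2.20", "10.2.3.9"),
    ("10.1.1.10", "10.2.1.5"),  # repeat of the first flow, reuses its tunnel
]

MODES = ("host_pair", "subnet_pair", "gateway_pair")


def subnet_of(host, subnets):
    """Return the configured subnet containing host, or fail if it is not protected."""
    addr = ipaddress.ip_address(host)
    for net in subnets:
        if addr in ipaddress.ip_network(net):
            return net
    raise ValueError(f"{host} is outside the encryption domain")


def tunnel_keys(flows, mode):
    """Set of distinct tunnels the flows require under one sharing setting."""
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode}")
    keys = set()
    for src, dst in flows:
        # Validate both ends in every mode so unprotected hosts are rejected.
        src_net = subnet_of(src, SITE_A_SUBNETS)
        dst_net = subnet_of(dst, SITE_B_SUBNETS)
        if mode == "host_pair":
            keys.add((src, dst))
        elif mode == "subnet_pair":
            keys.add((src_net, dst_net))
        else:  # gateway_pair: all traffic between the peers shares one tunnel
            keys.add(("gw-a", "gw-b"))
    return keys


def tunnel_counts(flows):
    """Tunnel count per setting, from most granular to most shared."""
    return {mode: len(tunnel_keys(flows, mode)) for mode in MODES}
```

The per-host setting gives the finest separation of traffic at the cost of the most tunnels, while the per-gateway setting scales best because every flow between the two peers shares a single tunnel.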