Q

Extranet environment

How can VPN and extranet be set up for an electronic relationship? Depending on your extranet environment, you

may want to use an IPSec VPN or and SSL VPN.

For a formal relationship between to companies that do business on a regular basis, an IPSec gateway based solution can work really well. Each location gets a VPN gateway that connects it to the extranet. You set up a route in your default gateway router to redirect traffic destined to the extranet through the VPN gateway. The routes are determined by address. So traffic destined for Internet is sent to the firewall, traffic destined for the corporate network is sent to the frame relay network and traffic for the extranet is sent to the VPN gateway. The nice part about this is that it requires no changes to the other devices, PCs and servers on your network and it let's you share any IP device you want to (printers, PCs, servers, WiFi, etc.)

The only caveat is that you need to make sure that you don't have address collisions between the connected networks. If each location has a 192.168.1.x addressing scheme, connecting them won't work. You'll need to either renumber one or the other network, or do some fancy network address translation.

Alternatively, you can use an SSL based solution to set up more casual relationships. An SSL-gateway uses secure socket layers to create a VPN. To anyone on the outside, the gateway looks like a web server. They just set the URL of their browser to point to it and they're connected. You can authenticate using anything from passwords to crypto-cards to certificates. On the inside, the gateway performs a function known as reverse proxy that allows it to gain access to file shares and various applications. So, a remote user or extranet member can simply use a web browser to gain secure access to a host of services include applications, e-mail, file shares, etc.

There are a lot of companies out there offering either type of solution and a lot of great choices. Hope this helps.
Best,
Mark

This was first published in November 2002

Dig deeper on LANs (Local Area Networks)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close