AltaVista’s flexibility allows an enterprise to accept several tunnel sessions to the virtual private LAN, either from a remote LAN or from remote single machine connections. The configurations here are each subtly different, because the Single Connection-to-LAN and LAN-to-LAN/LAN-to-WAN implementations of the AltaVista Tunnel are different. The LAN-to-LAN/LAN-to-WAN tunnel configurations are for an enterprise that requires two-way tunnel traffic between its two networks where an Extranet server is required on each end of the connection. This scenario is actually meant to replace traditional private leased line connections by using secure tunneling sessions over the Internet. The Single Connection-to-LAN scenario allows multiple end users to access the private network over the Internet, in a secure fashion, without being tied to a fixed IP address or a single access provider.
In the following sections we show a sample configuration illustrating each scenario.
This configuration features a firewall on each side.
In the LAN-to-LAN tunnel configuration shown in Figure 6-1, LAN 1 is a corporate office connected to the Internet via a full T1 and protected with a firewall. There are four machines on the LAN: the AltaVista Extranet server, Finance, Human Resources, and Research & Development. LAN 2 is a remote sales office running a second AltaVista Extranet server and three host machines. LAN 2 is connected to the ...