tcp/ip protocol suite 1 chapter 26 upon completion you will be able to: virtual private networks and...

TCP/IP Protocol Suite 1

Chapter 26Chapter 26

Upon completion you will be able to:

Virtual Private Networks andVirtual Private Networks andNetwork Address Translation Network Address Translation

• Understand the difference between an internet and an extranet• Understand private, hybrid, and virtual private networks• Understand how VPN can guarantee privacy• Understand the mechanism of NAT

Objectives

TCP/IP Protocol Suite 2

26.1 PRIVATE NETWORKS

A private network is designed to be used only inside an organization. It A private network is designed to be used only inside an organization. It allows access to shared resources and, at the same time, provides allows access to shared resources and, at the same time, provides privacy.privacy.

The topics discussed in this section include:The topics discussed in this section include:

Intranet Intranet Extranet Extranet Addressing Addressing

TCP/IP Protocol Suite 3

Table 26.1 Table 26.1 Addresses for private networksAddresses for private networks

TCP/IP Protocol Suite 4

26.2 VIRTUAL PRIVATE NETWORKS (VPN)

Virtual private network (VPN) is a technology for large organizations Virtual private network (VPN) is a technology for large organizations that use the global Internet for both intra- and interorganization that use the global Internet for both intra- and interorganization communication, but require privacy in their intraorganization communication, but require privacy in their intraorganization communication. communication.

The topics discussed in this section include:The topics discussed in this section include:

Achieving Privacy Achieving Privacy VPN Technology VPN Technology

TCP/IP Protocol Suite 5

Figure 26.1 Private network

TCP/IP Protocol Suite 6

Figure 26.2 Hybrid network

TCP/IP Protocol Suite 7

Figure 26.3 Virtual private network

TCP/IP Protocol Suite 8

Figure 26.4 Tunneling

TCP/IP Protocol Suite 9

Figure 26.5 Addressing in a VPN

TCP/IP Protocol Suite 10

26.3 NETWORK ADDRESS TRANSLATION (NAT)

Network address translation (NAT) allows a site to use a set of private Network address translation (NAT) allows a site to use a set of private addresses for internal communication and a set of global Internet addresses for internal communication and a set of global Internet addresses for communication with another site. The site must have only addresses for communication with another site. The site must have only one single connection to the global Internet through a router that runs one single connection to the global Internet through a router that runs NAT software.NAT software.

The topics discussed in this section include:The topics discussed in this section include:

Address Translation Address Translation Translation Table Translation Table NAT and ISP NAT and ISP

TCP/IP Protocol Suite 11

Figure 26.6 NAT

TCP/IP Protocol Suite 12

Figure 26.7 Address translation

TCP/IP Protocol Suite 13

Figure 26.8 Translation

TCP/IP Protocol Suite 14

Table 26.2 Table 26.2 Five-column translation tableFive-column translation table

TCP/IP Protocol Suite 15

Figure 26.9 An ISP and NAT