Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Overview of the IPsec site-to-site VPN use case

Depending on the scenario, an IPsec site-to-site VPN may be a more appropriate solution than an IPsec remote access VPN.

An IPsec remote access VPN (RA VPN) provides users with a temporary encrypted connection, typically with corporate headquarters.

In contrast, an IPsec site-to-site VPN provides a permanent encrypted connection between two or more networks. So, companies commonly use site-to-site VPNs when they have multiple locations — such as branch offices and corporate headquarters — that need access to the corporate network on a regular basis.

Figure 1. Site-to-site network topology example. Site-to-site policy between routers that share private networks 10.100.0.0/16 and 172.168.1.0/24 between sites.

In this example network topology, the internal development subnet is connected to a subnet of cloud servers. In this situation, a cloud router could easily act as the gateway for the cloud servers. This would avoid the need to manage and configure VPN settings on each individual cloud server.