SlideShare a Scribd company logo

DrayTek Seminar in Greece, Session 1

DrayTek Corp.
DrayTek Corp.

DrayTek Corp. and LEXIS co-host Semiar in Athens, Greece in March 2015

Technology
1 of 35
Download to read offline
1 Connecting to the Internet Henry Lo Application Engineer Seminar
2 • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy Outline — Session 1
3 Outline — Session 2 • Content Security Management (CSM) - Web Content Filter with DNS Filter - APP Enforcement • User Management - Customized Login Page Logo - Create Accounts for Accommodations • AP Management - Setup, Configure, and Maintenance - Management Methods • WiFi Airtime Fairness • Bandwidth Management
4 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
5 Multi LAN Subnets / VLAN • The Initial Status
6 Multi LAN Subnets/VLAN • Port-Based
7 Multi LAN Subnets/VLAN • Tag-Based
8 Multi LAN Subnets/VLAN • A Hybrid Example - P1 in LAN1 for Administrator Management - P2~P4 in LAN2 for 3 Departments, Isolated from Each Other - P5 in LAN1 for Internal Server (e.g., FTP Server) - P6 in LAN3 for Guests
9 • Enable 
 LAN2 and LAN3 • Enable 
 Inter-LAN Routing Multi LAN Subnets/VLAN
10 • A Hybrid Example - P1 Administrator - P2, P3 Staff - P4 for AP LANA - P5 for AP LANB Multi LAN Subnets/VLAN
11 Multi LAN Subnets/VLAN
12 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
13 Supported VPN Protocol • PPTP (TCP 1723) • L2TP (UDP 1701) • IPsec (UDP 500) • L2TP over IPsec • SSL VPN (TCP 443) • mOTP
14 Supported VPN Protocols None/Nice to Have/Must LAN to LAN PPTP L2TP /IPSec IPSec SSL port configurable V2960/V3900 only
15 LAN-to-LAN VPN • VPN for more subnets VPN 172.16.10.1/24 192.168.1.1/24 Headquarters Dial-in Branch 1 Dial-out 172.16.15.1/24 192.168.5.1/24
VPN 16 LAN-to-LAN VPN • Hub and Spokes VPN172.16.10.1/24 192.168.1.1/24 172.16.20.1/24 Branch 2 VPN 172.16.30.1/24 VPN 172.16.40.1/24 Branch 3 Branch 4 Headquarters Branch 1
17 LAN-to-LAN VPN • VPN Trunk — Backup VPN 1 172.16.10.1/24 192.168.1.1/24 Dial-in Branch 1 Dial-out VPN 2 WAN 1 WAN 2 Headquarters
18 LAN-to-LAN VPN • VPN Trunk — Load Balance VPN 1 172.16.10.1/24 192.168.1.1/24 Dial-in Branch 1 Dial-out VPN 2 WAN 1 WAN 2 Headquarters
19 None/Nice to Have/Must Host to LAN PPTP L2TP /IPSec IPSec SSL port configurable PC Android Mac iOS Must DrayTek Smart VPN Client DrayTek Smart VPN Client Must Must
20 Remote Dial-In VPN • Smart VPN Client for Android — SSL VPN
21 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
22 General View
23 Configuration Page
24 Configuration Page • Set Criteria - Protocol - Source / Dest IP - Port
25 Configuration Page • Choose Route - Interface - Gateway • Give Priority - Higher than Routing Table? - Higher than other Policies?
26 Configuration Page • NAT or Routing? - Regardless of the original LAN type • Failover to Interface / Policy • Gradual / Immediate Failback
27 Idea of Priority • Compare between Routing Table and Route Policies 100 Index Interface 1 2 Src IP Dest IP WAN2 LAN2 Any WAN1 LAN2 8.8.8.8 Priority 100 INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 150 200
INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 28 Idea of Priority • Compare between Routing Table and Route Policies Index Interface 1 2 Src IP Dest IP 3 WAN2 LAN2 Any WAN1 LAN2 8.8.8.8 Priority 200 150 200
INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 29 Idea of Priority • Compare between Routing Table and Route Policies Index Interface 1 2 Src IP Dest IP 3 WAN1 LAN2 8.8.8.8 WAN2 LAN2 Any Priority 200 250 250
• Priority First, Sequence Second 30 Idea of Priority • Compare between Routing Table and Route Policies
• Priority First, Sequence Second - With Same Priority, Sequence Matters 31 Idea of Priority • Compare between Routing Table and Route Policies
32 Route Policy Diagnose 8.8.8.8
33 • Send SIP Traffic to the Less-Jitter WAN Load Balance
34 Route Policy with VPN • Local Users to Remote Server - Only Specified LAN IP are eligible to send traffic via the VPN tunnel Manager IPTV INTERNET VPNTunnel VPN TunnelVPN Server Netflix Server netflix-380.vo.llnwd.net Employees
35 Q&A

Recommended

DrayTek Seminar in Greece, session 2
DrayTek Seminar in Greece, session 2DrayTek Seminar in Greece, session 2
DrayTek Seminar in Greece, session 2DrayTek Corp.
 
Iuwne10 S02 L04
Iuwne10 S02 L04Iuwne10 S02 L04
Iuwne10 S02 L04Ravi Ranjan
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAruba, a Hewlett Packard Enterprise company
 
Iuwne10 S02 L02
Iuwne10 S02 L02Iuwne10 S02 L02
Iuwne10 S02 L02Ravi Ranjan
 
Ccna2v3 mod07
Ccna2v3 mod07Ccna2v3 mod07
Ccna2v3 mod07Sumit Tambe
 
Iuwne10 S02 L06
Iuwne10 S02 L06Iuwne10 S02 L06
Iuwne10 S02 L06Ravi Ranjan
 
Iuwne10 S02 L07
Iuwne10 S02 L07Iuwne10 S02 L07
Iuwne10 S02 L07Ravi Ranjan
 
Iuwne10 S02 L05
Iuwne10 S02 L05Iuwne10 S02 L05
Iuwne10 S02 L05Ravi Ranjan
 

Recommended

DrayTek Seminar in Greece, session 2
DrayTek Seminar in Greece, session 2DrayTek Seminar in Greece, session 2
DrayTek Seminar in Greece, session 2DrayTek Corp.
 
Iuwne10 S02 L04
Iuwne10 S02 L04Iuwne10 S02 L04
Iuwne10 S02 L04Ravi Ranjan
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAruba, a Hewlett Packard Enterprise company
 
Iuwne10 S02 L02
Iuwne10 S02 L02Iuwne10 S02 L02
Iuwne10 S02 L02Ravi Ranjan
 
Ccna2v3 mod07
Ccna2v3 mod07Ccna2v3 mod07
Ccna2v3 mod07Sumit Tambe
 
Iuwne10 S02 L06
Iuwne10 S02 L06Iuwne10 S02 L06
Iuwne10 S02 L06Ravi Ranjan
 
Iuwne10 S02 L07
Iuwne10 S02 L07Iuwne10 S02 L07
Iuwne10 S02 L07Ravi Ranjan
 
Iuwne10 S02 L05
Iuwne10 S02 L05Iuwne10 S02 L05
Iuwne10 S02 L05Ravi Ranjan
 
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingAruba, a Hewlett Packard Enterprise company
 
Iuwne10 S02 L03
Iuwne10 S02 L03Iuwne10 S02 L03
Iuwne10 S02 L03Ravi Ranjan
 
Iuwne10 S01 L09
Iuwne10 S01 L09Iuwne10 S01 L09
Iuwne10 S01 L09Ravi Ranjan
 
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.comDenovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.comAnne Kwong
 
A week with analysing RPKI status
A week with analysing RPKI statusA week with analysing RPKI status
A week with analysing RPKI statusAPNIC
 
4 ip services dhcp-part b
4 ip services dhcp-part b4 ip services dhcp-part b
4 ip services dhcp-part bSagarR24
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)Aruba, a Hewlett Packard Enterprise company
 
Iot protocols tr 069
Iot protocols tr 069Iot protocols tr 069
Iot protocols tr 069adorable73
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverAruba, a Hewlett Packard Enterprise company
 
Free OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network MapsFree OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network MapsManageEngine, Zoho Corporation
 
4 ip services dhcp
4 ip services dhcp4 ip services dhcp
4 ip services dhcpSagarR24
 
CCNA part 5 routing
CCNA part 5 routingCCNA part 5 routing
CCNA part 5 routingSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 
Get vpn multicast for CCIE Security
Get vpn multicast for CCIE SecurityGet vpn multicast for CCIE Security
Get vpn multicast for CCIE SecurityDhruv Sharma
 
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow dataWebinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow dataManageEngine, Zoho Corporation
 
Ccna routing and switching
Ccna routing and switchingCcna routing and switching
Ccna routing and switchingCRIS FERNANDEZ
 
Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3ManageEngine, Zoho Corporation
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1DrayTek Corp.
 
Integrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkIntegrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkAruba, a Hewlett Packard Enterprise company
 

More Related Content

What's hot

Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.comDenovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.comAnne Kwong
 
A week with analysing RPKI status
A week with analysing RPKI statusA week with analysing RPKI status
A week with analysing RPKI statusAPNIC
 
4 ip services dhcp-part b
4 ip services dhcp-part b4 ip services dhcp-part b
4 ip services dhcp-part bSagarR24
 
Iot protocols tr 069
Iot protocols tr 069Iot protocols tr 069
Iot protocols tr 069adorable73
 
Free OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network MapsFree OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network MapsManageEngine, Zoho Corporation
 
4 ip services dhcp
4 ip services dhcp4 ip services dhcp
4 ip services dhcpSagarR24
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 
Get vpn multicast for CCIE Security
Get vpn multicast for CCIE SecurityGet vpn multicast for CCIE Security
Get vpn multicast for CCIE SecurityDhruv Sharma
 
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow dataWebinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow dataManageEngine, Zoho Corporation
 
Ccna routing and switching
Ccna routing and switchingCcna routing and switching
Ccna routing and switchingCRIS FERNANDEZ
 
Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3ManageEngine, Zoho Corporation
 

What's hot (20)

EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
 
Iuwne10 S02 L03
Iuwne10 S02 L03Iuwne10 S02 L03
Iuwne10 S02 L03
 
Iuwne10 S01 L09
Iuwne10 S01 L09Iuwne10 S01 L09
Iuwne10 S01 L09
 
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.comDenovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
Denovo SIP VoIP Termination SBC Session Boarder Controler @ denofolab.com
 
A week with analysing RPKI status
A week with analysing RPKI statusA week with analysing RPKI status
A week with analysing RPKI status
 
4 ip services dhcp-part b
4 ip services dhcp-part b4 ip services dhcp-part b
4 ip services dhcp-part b
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP Deployment
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
Iot protocols tr 069
Iot protocols tr 069Iot protocols tr 069
Iot protocols tr 069
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
 
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast FailoverEMEA Airheads- ArubaOS - High availability with AP Fast Failover
EMEA Airheads- ArubaOS - High availability with AP Fast Failover
 
Free OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network MapsFree OpManager training Part 3 - Monitoring Network Performance and Network Maps
Free OpManager training Part 3 - Monitoring Network Performance and Network Maps
 
4 ip services dhcp
4 ip services dhcp4 ip services dhcp
4 ip services dhcp
 
CCNA part 5 routing
CCNA part 5 routingCCNA part 5 routing
CCNA part 5 routing
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKI
 
Get vpn multicast for CCIE Security
Get vpn multicast for CCIE SecurityGet vpn multicast for CCIE Security
Get vpn multicast for CCIE Security
 
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow dataWebinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
Webinar: How to captures and analyzes NetFlow, J-Flow and sFlow data
 
Ccna routing and switching
Ccna routing and switchingCcna routing and switching
Ccna routing and switching
 
Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3Free OpManager training Part1- Discovery and classification season#3
Free OpManager training Part1- Discovery and classification season#3
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
 

Similar to DrayTek Seminar in Greece, Session 1

DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1DrayTek Corp.
 
Integrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkIntegrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkAruba, a Hewlett Packard Enterprise company
 
TP Link Load Balancer.pptx
TP Link Load Balancer.pptxTP Link Load Balancer.pptx
TP Link Load Balancer.pptxPrakash Singh
 
F5 link controller
F5 link controllerF5 link controller
F5 link controllerJimmy Saigon
 
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2DrayTek Corp.
 
OpenFlow: What is it Good For?
OpenFlow: What is it Good For? OpenFlow: What is it Good For?
OpenFlow: What is it Good For? APNIC
 
Data Center Design Guide 4 2
Data Center Design Guide 4 2Data Center Design Guide 4 2
Data Center Design Guide 4 2Fiyaz Syed
 
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...Cisco Russia
 
Free NetFlow Analyzer training - Getting the initial settings right
Free NetFlow Analyzer training - Getting the initial settings rightFree NetFlow Analyzer training - Getting the initial settings right
Free NetFlow Analyzer training - Getting the initial settings rightManageEngine, Zoho Corporation
 
SWIFT: Tango's Infrastructure For Real-Time Video Call Service
SWIFT: Tango's Infrastructure For Real-Time Video Call ServiceSWIFT: Tango's Infrastructure For Real-Time Video Call Service
SWIFT: Tango's Infrastructure For Real-Time Video Call ServiceMeng ZHANG
 
Lync 2010 deep dive edge
Lync 2010 deep dive edgeLync 2010 deep dive edge
Lync 2010 deep dive edgeHarold Wong
 
P&G BT Global Services - LLD Final Revision Year 2008.
P&G BT Global Services - LLD Final Revision Year 2008.P&G BT Global Services - LLD Final Revision Year 2008.
P&G BT Global Services - LLD Final Revision Year 2008.Kapil Sabharwal
 
Design and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsDesign and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsFab Fusaro
 

Similar to DrayTek Seminar in Greece, Session 1 (20)

DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1
 
Integrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkIntegrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access Network
 
TP Link Load Balancer.pptx
TP Link Load Balancer.pptxTP Link Load Balancer.pptx
TP Link Load Balancer.pptx
 
F5 link controller
F5 link controllerF5 link controller
F5 link controller
 
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2
DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 2
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Sangoma SBC Training Presentation
Sangoma SBC Training PresentationSangoma SBC Training Presentation
Sangoma SBC Training Presentation
 
Distributed IP-PBX
Distributed IP-PBX Distributed IP-PBX
Distributed IP-PBX
 
OpenFlow: What is it Good For?
OpenFlow: What is it Good For? OpenFlow: What is it Good For?
OpenFlow: What is it Good For?
 
Data Center Design Guide 4 2
Data Center Design Guide 4 2Data Center Design Guide 4 2
Data Center Design Guide 4 2
 
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...
 
Free NetFlow Analyzer training - Getting the initial settings right
Free NetFlow Analyzer training - Getting the initial settings rightFree NetFlow Analyzer training - Getting the initial settings right
Free NetFlow Analyzer training - Getting the initial settings right
 
Unit07
Unit07Unit07
Unit07
 
Vpnppt1884
Vpnppt1884Vpnppt1884
Vpnppt1884
 
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingEMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
 
SWIFT: Tango's Infrastructure For Real-Time Video Call Service
SWIFT: Tango's Infrastructure For Real-Time Video Call ServiceSWIFT: Tango's Infrastructure For Real-Time Video Call Service
SWIFT: Tango's Infrastructure For Real-Time Video Call Service
 
TCP-IP PROTOCOL
TCP-IP PROTOCOLTCP-IP PROTOCOL
TCP-IP PROTOCOL
 
Lync 2010 deep dive edge
Lync 2010 deep dive edgeLync 2010 deep dive edge
Lync 2010 deep dive edge
 
P&G BT Global Services - LLD Final Revision Year 2008.
P&G BT Global Services - LLD Final Revision Year 2008.P&G BT Global Services - LLD Final Revision Year 2008.
P&G BT Global Services - LLD Final Revision Year 2008.
 
Design and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsDesign and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANs
 

Recently uploaded

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 

Recently uploaded (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 

DrayTek Seminar in Greece, Session 1

  • 1. 1 Connecting to the Internet Henry Lo Application Engineer Seminar
  • 2. 2 • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy Outline — Session 1
  • 3. 3 Outline — Session 2 • Content Security Management (CSM) - Web Content Filter with DNS Filter - APP Enforcement • User Management - Customized Login Page Logo - Create Accounts for Accommodations • AP Management - Setup, Configure, and Maintenance - Management Methods • WiFi Airtime Fairness • Bandwidth Management
  • 4. 4 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
  • 5. 5 Multi LAN Subnets / VLAN • The Initial Status
  • 8. 8 Multi LAN Subnets/VLAN • A Hybrid Example - P1 in LAN1 for Administrator Management - P2~P4 in LAN2 for 3 Departments, Isolated from Each Other - P5 in LAN1 for Internal Server (e.g., FTP Server) - P6 in LAN3 for Guests
  • 9. 9 • Enable 
 LAN2 and LAN3 • Enable 
 Inter-LAN Routing Multi LAN Subnets/VLAN
  • 10. 10 • A Hybrid Example - P1 Administrator - P2, P3 Staff - P4 for AP LANA - P5 for AP LANB Multi LAN Subnets/VLAN
  • 12. 12 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
  • 13. 13 Supported VPN Protocol • PPTP (TCP 1723) • L2TP (UDP 1701) • IPsec (UDP 500) • L2TP over IPsec • SSL VPN (TCP 443) • mOTP
  • 14. 14 Supported VPN Protocols None/Nice to Have/Must LAN to LAN PPTP L2TP /IPSec IPSec SSL port configurable V2960/V3900 only
  • 15. 15 LAN-to-LAN VPN • VPN for more subnets VPN 172.16.10.1/24 192.168.1.1/24 Headquarters Dial-in Branch 1 Dial-out 172.16.15.1/24 192.168.5.1/24
  • 16. VPN 16 LAN-to-LAN VPN • Hub and Spokes VPN172.16.10.1/24 192.168.1.1/24 172.16.20.1/24 Branch 2 VPN 172.16.30.1/24 VPN 172.16.40.1/24 Branch 3 Branch 4 Headquarters Branch 1
  • 17. 17 LAN-to-LAN VPN • VPN Trunk — Backup VPN 1 172.16.10.1/24 192.168.1.1/24 Dial-in Branch 1 Dial-out VPN 2 WAN 1 WAN 2 Headquarters
  • 18. 18 LAN-to-LAN VPN • VPN Trunk — Load Balance VPN 1 172.16.10.1/24 192.168.1.1/24 Dial-in Branch 1 Dial-out VPN 2 WAN 1 WAN 2 Headquarters
  • 19. 19 None/Nice to Have/Must Host to LAN PPTP L2TP /IPSec IPSec SSL port configurable PC Android Mac iOS Must DrayTek Smart VPN Client DrayTek Smart VPN Client Must Must
  • 20. 20 Remote Dial-In VPN • Smart VPN Client for Android — SSL VPN
  • 21. 21 Outline • Multi LAN Subnets / VLAN - Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-subnets with APs • LAN-to-LAN VPN - PPTP and IPSec - VPN Trunk • Remote Dial-in VPN - Smart VPN Client and SSL VPN • Load-Balance/Route Policy
  • 24. 24 Configuration Page • Set Criteria - Protocol - Source / Dest IP - Port
  • 25. 25 Configuration Page • Choose Route - Interface - Gateway • Give Priority - Higher than Routing Table? - Higher than other Policies?
  • 26. 26 Configuration Page • NAT or Routing? - Regardless of the original LAN type • Failover to Interface / Policy • Gradual / Immediate Failback
  • 27. 27 Idea of Priority • Compare between Routing Table and Route Policies 100 Index Interface 1 2 Src IP Dest IP WAN2 LAN2 Any WAN1 LAN2 8.8.8.8 Priority 100 INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 150 200
  • 28. INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 28 Idea of Priority • Compare between Routing Table and Route Policies Index Interface 1 2 Src IP Dest IP 3 WAN2 LAN2 Any WAN1 LAN2 8.8.8.8 Priority 200 150 200
  • 29. INTERNET WAN1 WAN2 LAN1 Servers LAN2 PC 29 Idea of Priority • Compare between Routing Table and Route Policies Index Interface 1 2 Src IP Dest IP 3 WAN1 LAN2 8.8.8.8 WAN2 LAN2 Any Priority 200 250 250
  • 30. • Priority First, Sequence Second 30 Idea of Priority • Compare between Routing Table and Route Policies
  • 31. • Priority First, Sequence Second - With Same Priority, Sequence Matters 31 Idea of Priority • Compare between Routing Table and Route Policies
  • 33. 33 • Send SIP Traffic to the Less-Jitter WAN Load Balance
  • 34. 34 Route Policy with VPN • Local Users to Remote Server - Only Specified LAN IP are eligible to send traffic via the VPN tunnel Manager IPTV INTERNET VPNTunnel VPN TunnelVPN Server Netflix Server netflix-380.vo.llnwd.net Employees