Network Extrusion (original) (raw)
A network extrusion is a kind of VPN tunnel where a subnet (or host) is moved to another location, without any router advertisement changes. Such a subnet is routed to normally, but then send via a VPN tunnel to appear anywhere else on the internet. This type of VPN connection is often used for: * Adding IPv4 public address space to a location that has only 1 public IP address, such as a consumer internet connection * Assigning a static IP address to a roaming laptop to ensure it is always reachable on 1 static IP address. This is often done with IPsec and L2TP or XAUTH * v * t * e
| Property | Value |
|---|---|
| dbo:abstract | A network extrusion is a kind of VPN tunnel where a subnet (or host) is moved to another location, without any router advertisement changes. Such a subnet is routed to normally, but then send via a VPN tunnel to appear anywhere else on the internet. This type of VPN connection is often used for: * Adding IPv4 public address space to a location that has only 1 public IP address, such as a consumer internet connection * Assigning a static IP address to a roaming laptop to ensure it is always reachable on 1 static IP address. This is often done with IPsec and L2TP or XAUTH In IPsec/Openswan IPv4 configuration, this corresponds to a policy on the client system like: conn mylaptop—extruded right=192.1.0.1 rightsubnet=0.0.0.0/0 left=%defaultroute leftsubnet=192.0.0.1/32 leftsourceip=192.0.0.1 When this IPsec connection is active, the default IP address for outgoing connections is 192.0.0.1. Since this is covered by the IPsec tunnel, the packet will be encrypted and send to the remote IPsec gateway at 192.1.0.1. It will get decrypted and then sent to its original destination. Response packets follow a similar path in reverse. When using leftsubnet=192.0.0.0/24, one could even run a small network with the laptop as default gateway and provide public IP addresses to many computers, all appearing to live at the remote site. Generally, IPsec VPNs are used in many cases to route private networks rather than public ones, so while this configuration is not implausible, it is unusual for VPN administrators. Many remote access situations run as network extrusions so that a corporate firewall can inspect the traffic that travels to and from the laptop computer. This technique can also be used to tunnel in IPv6 space into networks where only IPv4 space is available (or vice versa) These tunnels are invisible to traceroute because the IPsec tunnel appears as a single additional hop, just like a subnet. * v * t * e (en) |
| dbo:wikiPageID | 31942124 (xsd:integer) |
| dbo:wikiPageLength | 2269 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 999306962 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:Private_network dbr:Roaming dbr:VPN dbr:L2TP dbr:Subnetwork dbr:Static_IP dbr:Traceroute dbc:Virtual_private_networks dbr:Router_advertisement dbr:IPv4 dbr:IPv6 dbr:Openswan dbr:IP_address dbr:IPsec dbr:Firewall_(computing) dbr:VPNs dbr:Subnet dbr:Xauth |
| dbp:wikiPageUsesTemplate | dbt:Orphan dbt:Unreferenced dbt:Technology-stub |
| dct:subject | dbc:Virtual_private_networks |
| gold:hypernym | dbr:Kind |
| rdf:type | yago:WikicatVirtualPrivateNetworks yago:Abstraction100002137 yago:Group100031264 yago:Network108434259 yago:System108435388 |
| rdfs:comment | A network extrusion is a kind of VPN tunnel where a subnet (or host) is moved to another location, without any router advertisement changes. Such a subnet is routed to normally, but then send via a VPN tunnel to appear anywhere else on the internet. This type of VPN connection is often used for: * Adding IPv4 public address space to a location that has only 1 public IP address, such as a consumer internet connection * Assigning a static IP address to a roaming laptop to ensure it is always reachable on 1 static IP address. This is often done with IPsec and L2TP or XAUTH * v * t * e (en) |
| rdfs:label | Network Extrusion (en) |
| owl:sameAs | freebase:Network Extrusion yago-res:Network Extrusion wikidata:Network Extrusion https://global.dbpedia.org/id/f8dn |
| prov:wasDerivedFrom | wikipedia-en:Network_Extrusion?oldid=999306962&ns=0 |
| foaf:isPrimaryTopicOf | wikipedia-en:Network_Extrusion |
| is foaf:primaryTopic of | wikipedia-en:Network_Extrusion |