2011年12月25日 星期日

Full tunnel vs split tunnel

Full VPN Tunnel
http://www.elinanetworks.com/index.php/vpn-full-tunnel

Split tunnel setup
As shown in the figure below, the split tunnel is used where application data travels over the VPN tunnel setup to the HQ.

In this mode, the desktop has direct access to the Internet. In a small store setup, while the split tunnel provides application access over VPN tunnel, Internet access is not controlled. The only solution here is to add additional software components or an external firewall to limit access.

To overcome this problem, the full tunnel mode is used.

Full tunnel setup
In the full tunnel mode, the Secure VPN client configuration and setup is the same as before, but with one key change: all traffic from the desktop goes over the VPN tunnel.

In the full tunnel mode, since all traffic goes over the VPN tunnel, both application data and Internet access packets land up at the VPN concentrator at the HQ.

沒有留言: