Pass-Through VPN Scenario

As described in "Internet and Intranet-Based VPN Connections" earlier in this chapter, a pass-through VPN allows a remote access client connected to one company's intranet to access the resources of another company's intranet across the Internet. A remote access VPN connection is passed to one intranet through another intranet and the Internet.

In a typical case, company A and company B are business partners, and an employee of company A visits company B. When the employee of company A attends a meeting and connects a laptop computer to the company B intranet, a company B intranet IP address configuration is obtained. If the employee of company A needs to connect to the company A intranet, it can be done in one of two ways:

• Using a phone line in the conference room, the employee of company A can directly dial a company A remote access server to make a dial-up connection to the company A intranet or can dial a local ISP and make a VPN connection to the company A intranet.

• As illustrated in Figure 9.19, using VPN technology and the appropriate infrastructure, the employee of company A can create a tunnel across the company B intranet to the Internet and then create another tunnel across the company B intranet and the Internet to the company A intranet.

With the latter method, the VPN connection to the company A intranet is created by activating two connection objects in the Connections folder using the existing local physical network connection. Note that Tunnel 2 is inside Tunnel 1 on the company B intranet.

Figure 9.19 Pass-Through VPN Scenario