When will the SM support VPN?

gregoryeid · September 29, 2006, 1:28pm

Does anyone know when the SM will be able to support VPN?

vj1 · September 29, 2006, 9:05pm

what is it your trying to do… what do you need the VPN for ?

will Vlans not do the job for you…

gregoryeid · September 29, 2006, 9:40pm

I have two distinct groups of clients on my Canopy network. Customers in one group (Group-A) do NAT on the SM or a router.

Customers in the other group (Group-B) don’t do NAT on the SM. All the PCs on each customer LAN are set as DHCP clients that request an IP from a DHCP server (gateway controller for prepaid platform) located remotely in our Network Operating Centre. Sometimes a Customer will manually set an IP on one or more PCs that conflict with the SM IP. Other times PCs infected with viruses and other malicious code affect my Canopy network along with other Customers.

To solve these problems I must seperate the customer’s LAN from my Canopy network by placing a router or doing NAT on the SM. But when I do so the DHCP clients can no longer reach the DHCP server to request and get an IP. But if I establish a VPN tunnel between the customer’s LAN and the DHCP server I will 1) retain the connectivity between the DHCP client & server and 2) secure my network.

I prefer to use the SM to establish the VPN tunnel instead of adding a VPN router, which will only increase the cost to each client and an increase the number of devices that I must monitor and maintain.

I hope this explains my problem better

Greg

matrixsup · September 30, 2006, 4:26am

Currently Sm do not support any tunneling protocols like GRE or Others.

You need to use External(VPN) devices & possibly check if These devices have DHCP servers built into them.

gregoryeid · September 30, 2006, 9:31am

Hmmmm Not very good. Thanks anyway for the response. I know that SM does not support VPN currently. What I would like to know is if it will in the near future. Has Motorola announced it somewhere?

matrixsup · September 30, 2006, 1:03pm

The roadmap is to have routing built into SM.Not sure which version that is scheduled.

Also depending on the type of implementation of routing feature the
routing protocols & stuff would be implemented.

mkappa · September 30, 2006, 1:28pm

If you build your network with Layer 2 (routing and bridge), you don’t have any problem with VPN. You can set the SM with Bridge mode, and you can give to you customer 1(one) public ip address on your’s pc eth interface or router, also you can use radius for accounting of your customers.
Bye

vj1 · September 30, 2006, 3:31pm

Gregory

I may be missing something but I think you have 2 options:

1) put the different customers on different VLAN, have a L3 managed switch, create the vlan interface on that vlan and run DHCP on that vlan interface, each customer will have to be on a different IP scheme

2) if you need to run them all on the same DHCP scheme and keep them seperate then you can use VRF to do it

hope this helps