The virtual private network (VPN), one of the methods for constructing private networks over the Internet, is gaining prominence. VPNs are currently used in corporate networks to support end-to-end communications. But when they are applied to private networks connecting the distributed departments of an organization, some problems arise, such as low packet transfer efficiency and lack of support for asymmetric VPN connections. This paper first analyzes the limitations of VPNs in an environment of multiple subnets, and then proposes a distributed VPN model with low cost, high packet transfer efficiency, and powerful user authentication and access control functions.
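A VPN (virtual private network) is an extension of a private network over a public network (such as the Internet). For large enterprise networks that span the Internet, a VPN can be used to establish secure end-to-end communication. However, if the departments within an enterprise need to communicate securely with one another over the Internet, some new problems arise, such as low packet transfer efficiency and lack of support for asymmetric VPN connections. This paper first analyzes the shortcomings of VPNs in a multi-layer subnet environment, and then proposes a distributed VPN model. This model achieves efficient transfer of network packets.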