Remote maintenance and monitoring of networks

The remote maintenance and monitoring of networks is becoming increasingly important because of the possibilities of VPN. With the use of almost ubiquitous broadband Internet connections, administrators in these management scenarios no longer have to rely upon different data communication technologies or expensive leased lines.





In this example, a service provider monitors the networks of various customers from a central location. For this purpose, the SNMP-capable devices should automatically send the corresponding traps of important events to the SNMP trap receivers (e.g. LANmonitor) in the network of the service provider. The administrator in the service provider's LAN thus has an up-to-date overview of the status of the devices at all times.

The individual networks can be structured very differently: Customers A and B integrate their branch offices and their networks into the central LAN by means of VPN connections, customer C operates a network with several public Wi-Fi base stations as hotspots, and customer D has another router for ISDN dial-in access into their LAN.

Note: The networks of customers A and B use different address ranges to their affiliated branch offices. These networks can thus be coupled by means of VPN.

In order to avoid operating a separate VPN tunnel to each of the customers’ (A and B) subnets, the service provider establishes a VPN connection solely to the main office and uses the existing VPN lines to communicate with the branch offices.

Traps from the networks report to the service provider whether, for example, a VPN tunnel has been established or terminated, a user tried to log in three times with a wrong password, a user logged into a hotspot, or a LAN cable has been pulled out of a switch somewhere.

Note: See the appendix to this reference manual for a complete list of all SNMP traps supported by the device.

The routing of these different networks quickly reaches its limits when two or more customers use the same address range. The problem can be compounded if customers use the same address range as the service provider themselves, which causes further address conflicts. In this example, a hotspot operated by customer C has the same address as the gateway of the service provider.

There are two different variants for resolving these address conflicts:

In this example, the service-provider administrator for customer B's network sets the central address translation to 10.2.x.x., so that the two networks using the same address pools appear to the service provider's gateway to be two different networks.

For customers C and D the administrator selects the address pools 192.168.2.x and 192.168.3.x, so that these networks have different addresses from the service provider's own network.

In order for the gateway of the service provider to communicate with the networks of customers C and D, the administrator additionally sets up an address translation to 192.168.1.x for his own network.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo