[deployment-guide/comm-rel: 57/727] NetConf: add VPN description from Sec Guide
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 12:28:54 UTC 2010
commit cbf46829303576427c44c4e43fd51200f297560a
Author: Douglas Silas <dhensley at redhat.com>
Date: Sun Jul 18 23:57:07 2010 +0200
NetConf: add VPN description from Sec Guide
en-US/Network_Configuration.xml | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+), 5 deletions(-)
---
diff --git a/en-US/Network_Configuration.xml b/en-US/Network_Configuration.xml
index b0cd188..2fbdac2 100644
--- a/en-US/Network_Configuration.xml
+++ b/en-US/Network_Configuration.xml
@@ -707,7 +707,22 @@ NetworkManager (pid 1527) is running...
<section
id="sec-Establishing_a_VPN_Connection">
<title>Establishing a VPN Connection</title>
- <para>Connecting to a Virtual Private Network (VPN) enables you to communicate securely between your computer or Local Area Network, and another, remote LAN.</para>
+ <!--silas: introductiory info adapted from the RHEL6 Security Guide:
+ http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Virtual_Private_Networks_VPNs.html-->
+ <para>Connecting to a Virtual Private Network (VPN) enables you to communicate securely between your Local Area Network (LAN), and another, remote LAN. After successfully establishing a VPN connection, a VPN router or gateway performs the following actions upon the packets that you transmit:</para>
+ <orderedlist>
+ <listitem>
+ <para>it adds an <firstterm>Authentication Header</firstterm> for routing and authentication purposes;</para>
+ </listitem>
+ <listitem>
+ <para>it encrypts the packet data; and</para>
+ </listitem>
+ <listitem>
+ <para>it encloses the data with an Encapsulating Security Payload (ESP), which constitutes the decryption and handling instructions.</para>
+ </listitem>
+ </orderedlist>
+ <para>The receiving VPN router strips the header information, decrypts the data, and routes it to its intended destination (either a workstation or other node on a network). Using a network-to-network connection, the receiving node on the local network receives the packets already decrypted and ready for processing. The encryption/decryption process in a network-to-network VPN connection is therefore transparent to clients.</para>
+ <para>Because they employ several layers of authentication and encryption, VPNs are a secure and effective means of connecting multiple remote nodes to act as a unified intranet. </para>
<remark>To establish a wireless connection, you need a computer capable of wi-fi connectivity, a wireless access point to connect to, and the passphrase of the access point unless it is open and unsecured.</remark>
<para>You can configure a VPN connection by opening the <guilabel>Network Connections</guilabel> window and selecting the <guilabel>tab</guilabel> tab. For more information on opening the <guilabel>Network Connections</guilabel> window via <application>NetworkManager</application>'s Notification Area applet, or by running a shell command, refer to <xref
linkend="sec-Configuring_New_and_Editing_Existing_Connections"/>.</para>
@@ -740,19 +755,19 @@ NetworkManager (pid 1527) is running...
<para>At this point, you have created a new VPN connection. You can further configure your connection by selecting it in the <guilabel>Network Connections</guilabel> window and clicking <guilabel>Edit</guilabel> to return to the <guilabel>Editing</guilabel> dialog.</para>
<para>Then, to configure:</para>
<itemizedlist>
- <listitem>
+ <!--<listitem>
<para>;</para>
- </listitem>
+ </listitem>-->
<listitem>
<para>IPv4 settings for the connection, click the <guilabel>IPv4 Settings</guilabel> tab and proceed to <xref
linkend="sec-Configuring_IPv4_Settings"/>; or,
</para>
</listitem>
- <listitem>
+ <!--<listitem>
<para>IPv6 settings for the connection, click the <guilabel>IPv6 Settings</guilabel> tab and proceed to <xref
linkend="sec-Configuring_IPv6_Settings"/>.
</para>
- </listitem>
+ </listitem>-->
</itemizedlist>
<variablelist>
<varlistentry>
More information about the docs-commits
mailing list