Connections via Coordinator

If the coordinator functions as the gateway of a LAN and other clients connect to the network through this coordinator, the coordinator becomes a network node ('crypto-gateway') passing traffic to the outside from the nodes connected with it under its own name.

The option to select different coordinators as a firewall is a kind of a 'fail-safe' function; if a coordinator is unreachable, another can take its place.

If a client is set up to connect to the network through a coordinator, the client's encrypted traffic to and from nodes not accessible directly, will be forwarded by the coordinator. In this case, the coordinator plays the role of a router with NAT function (IP and MAC addresses of the client are translated).

The automatic routing of encrypted information to its coordinator occurs without the need to change the TCP/IP settings of the underlying operating system. The default gateway configuration stays the same after the ViPNet installation. This results in the unprotected network being unmodified, ie, work can be continued right after the installation of the ViPNet software.

In a large network that's divided into different segments by routers/switches, and where traffic is handled by IP addresses and protocols because of security policies, you can reduce the parameters of connection by using a coordinator. The administrator only has to complete settings for the UDP protocol, the local tunnelled addresses of the segment, and for the redirection of encrypted UDP traffic to the local address of the coordinator. (Refer to the diagram in Client Connection via Coordinator.)

If there is a need to secure the traffic of a specific segment of the network, a second coordinator can be placed at the border of this segment (refer to the diagram in Coordinator Connection via Another Coordinator). The first ViPNet coordinator (closer to Internet) has to be chosen as the firewall for the second ViPNet coordinator.

This results in the automatic routing of encrypted traffic from the inner segments to the local and global networks, when cascading several coordinators.

To configure a client's connection via a coordinator:

Ensure there is a tick in the Use Firewall check box.
Select ViPNet coordinator from the Firewall type drop-down list box.
By default, the coordinator the client was assigned to in ViPNet Manager appears in the ViPNet coordinator list box. If required, you can select another coordinator from the list. Mobile ViPNet users, for example, may select other coordinators in different networks and instantly get access to all network resources.
Leave the IP addresses server untouched to ensure the list you receive from the IP address server is your complete list of allowed connections (a different coordinator may have incomplete information).
Click the Apply to save your settings.

To configure a coordinator's connection via another coordinator acting as a firewall:

Ensure there is a tick in the Use Firewall check box.
Select ViPNet coordinator from the Firewall type drop-down list box.
Note: A coordinator that works through another coordinator does not need an IP addresses server; it exchanges IP information with all other coordinators connected with it. This is the reason why the coordinator does not have the IP addresses server part in the Settings window.
Select the network adapter located on the same 'side' as this coordinator from the Network interface connected to Firewall drop-down list box.
Click the Apply to save your settings.