Chapter 7 Configuring control tunnels 139Nortel VPN Router Configuration — Basic FeaturesFigure 28 Sample control tunnel environmentBranch office control tunnels allow anyone on the configured network tocommunicate with the Nortel VPN Router being managed. This allows a NortelVPN Router to communicate with various systems within a company’s networkoperations center or corporate headquarters (the Cleveland private network).A user control tunnel allows a Nortel VPN Client to communicate with a NortelVPN Router that is being managed. This allows network management personnelfrom anywhere in the world access to the management tasks.If you work at a NOC in Cleveland and you manage a customer’s Nortel VPNRouter that is located in Boston, you would want to use control tunnels. On oneend of the control tunnel (the Nortel VPN Router under management), access isalways restricted to the management address only. Access to the Boston NortelVPN Router is limited. The Cleveland end of the tunnel could allow access to itsentire private network. This allows multiple systems in your Cleveland NOC tocommunicate with the management address only of the Boston Nortel VPNRouter; or for the Boston Nortel VPN Router to use remote servers (FTP, DHCP,RADIUS, and DNS servers) on the Cleveland private network.
