.. _example_vpn_ipsec_site-to-site_peer_roadwarrior:

###########
Roadwarrior
###########


.. sidebar:: Contents

  .. contents::
    :depth: 1
    :local:

This scenario shows different ways to setup a roadwarrior VPN
connection; in which, instead of using a N2N (network to network)
connection, a single machine (e.g., a host) is able to connect to
a remote private network.

On the one hand, ``DUT2`` and ``DUT0`` represent a remote branch
office. On the other hand, ``DUT1`` is a roadwarrior that can
establish a connection to ``DUT2`` using different virtual IPs.

Note that security associations (SAs) have to be manually
flushed with the command ``clear vpn ipsec sa``. Depending on
the configuration parameter ``connection-type``, the new tunnel
connections will be created or not.

.. image:: roadwarrior.svg
  :width: 400

****************************************
Test VPN Roadwarrior Connection With VTI
****************************************

Description
===========

In this scenario, ``DUT0`` uses a VTI
interface to encapsulate the VPN traffic.

Scenario
========

.. include:: roadwarrior/testvpnroadwarriorconnectionwithvti

.. raw:: html

  <hr>

****************************************************
Test VPN Roadwarrior Connection With Global Policies
****************************************************

Description
===========

In this scenario, ``DUT0`` uses global VPN
policies (or selectors) to encapsulate traffic.

Scenario
========

.. include:: roadwarrior/testvpnroadwarriorconnectionwithglobalpolicies

.. raw:: html

  <hr>

******************************************************
Test VPN Roadwarrior Connection With VTI And VIPs Pool
******************************************************

Description
===========

In this scenario, ``DUT0`` uses a VTI
interface to encapsulate the VPN traffic.
``DUT1`` requests a virtual IP address from
``DUT0`` and it installed in dum0. Routes are
also automatically installed taking into
account the negotiated selectors.

Scenario
========

.. include:: roadwarrior/testvpnroadwarriorconnectionwithvtiandvipspool

.. raw:: html

  <hr>

******************************************************************
Test VPN Roadwarrior Connection With Global Policies And VIPs Pool
******************************************************************

Description
===========

In this scenario, ``DUT0`` uses global VPN
policies (or selectors) to encapsulate traffic.
``DUT1`` requests a virtual IP address from
``DUT0`` and it installed in dum0. Routes are
also automatically installed taking into
account the negotiated selectors.

Scenario
========

.. include:: roadwarrior/testvpnroadwarriorconnectionwithglobalpoliciesandvipspool

.. raw:: html

  <hr>