Department of Management Services
LAN - to - LAN
The Centralized LAN-to-LAN VPN service receives encrypted IP traffic via an Internet connection instead of relying on dedicated leased lines or Frame Relay circuits. When an entity has a contractor relationship with a State Agency and needs to access Agency data resources, this service provides a cost effective solution. The data is securely transported across the Internet through an encrypted VPN tunnel. The encrypted tunnel originates at the partner's remote VPN gateway appliance and terminates at the State's gateway VPN cluster as shown in the diagram below.
Permitted access to the State intranet is governed by machine authentication and an access policy programmed within the state VPN appliance's configuration. The access policy governs which network(s) or host(s) within the State intranet the remote partner has authorization by the Agency to access. This service only supports inbound initiated VPN sessions meaning it is designed to permit a remote partners access into the State's network, only. If an Agency wishes to initiate an outbound session to a remote partner's network to access data resources, then this service cannot be used.