How the VPN Broker Domain works

The VPN Broker domain is a virtual network that contains the VPN Broker gateway and the VPN Broker members.

The following is an example of IP addresses and MAC addresses in the VPN Broker Domain.



1
The VPN Broker Domain is a virtual network.
The VPN Broker Domain is identified by a unique MAC address prefix. In this example, the MAC address prefix is 02:02:02.
2
Each VPN Broker Member has an IP address that is part of the virtual network defined in the VPN Broker Domain.
Each VPN Broker Member is identified by a unique partial MAC address.
3
The VPN Broker Gateway is identified by a unique VPN Broker Gateway ID number.

The MAC address prefix of the VPN Broker Domain is combined with the partial MAC address of each VPN Broker Member to form a complete MAC address for each VPN Broker Member.

Table 1. Example of how VPN Broker Member MAC addresses are formed
MAC address prefix of the VPN Broker Domain Partial MAC address of the VPN Broker Member Complete MAC address of the VPN Broker Member
02:02:02 00:01:00 02:02:02:00:01:00
00:01:01 02:02:02:00:01:01
00:01:02 02:02:02:00:01:02
00:01:03 02:02:02:00:01:03
00:01:04 02:02:02:00:01:04

The MAC address prefix of the VPN Broker Domain is combined with the VPN Broker Gateway ID number to form a complete MAC address for the VPN Broker Gateway.

In this example, the VPN Broker Gateway ID is 10. In the NGFW Manager, you enter the VPN Broker Gateway ID as a decimal number. However, the ID is converted internally to a hexadecimal number. For example, an ID of 10 is converted to 0A in the MAC address of the VPN Broker Gateway.

Table 2. Example of how VPN Broker Gateway MAC addresses are formed
MAC address prefix of the VPN Broker Domain VPN Broker Gateway ID Complete MAC address of the VPN Broker Gateway
02:02:02 10 02:02:02:00:00:0A