Cisco Systems RVL200 Appendix H Deployment in an Existing Network, LAN-to-LAN Connection

Page 88

Appendix H

Appendix H:

Deployment in an Existing

Network

Overview

If you have a current VPN router in your network, you can add the 4-Port SSL/IPSec VPN Router (model number: RVL200), so that the SSL clients can access the existing network resources.

The two configuration examples are for LAN<=>WAN and LAN<=>LAN, between a 4-Port SSL/IPSec VPN Router and an existing VPN Router, such as the Linksys 10/100 16-, 8-, or 4-Port VPN Router (model numbers: RV016, RV082, or RV042).

•LAN<=>WAN

The Routers are on different networks (192.168.1.x and 192.168.2.x).

•LAN<=>LAN

The Routers are on the same network (192.168.1x).

LAN-to-LAN Connection

Deployment in an Existing Network

4.Remove the checkmark from the Enable DHCP Server setting.

5.Click Save Settings.

6.Click the Setup tab.

7.Click the Advanced Routing tab.

8.In the Static Routing section, enter 0.0.0.0 in the Destination IP field.

9.Enter 0.0.0.0 in the Subnet Mask field.

10.Enter 192.168.1.1 in the Default Gateway field.

11.Enter 1 in the Hop Count field.

12.Select LAN from the Interface drop-down menu.

13.Click Add to list.

14.Access the web-based utility of the RV082.

15.Click the Setup tab.

16.Click the DMZ Host tab. Configure the RVL200 as the DMZ Host for the RV082. Enter 192.168.1.2, the IP address of the RVL200.

17.Click the Forwarding tab.

18.Select HTTPS[TCP/443~443] from the Service drop- down menu.

19.Enter the IP address of the RVL200, 192.168.1.2.

20.Enable the entry.

21.Click Add to list.

RV082 (Assistant Test Device) LAN IP: 192.168.1.1

DMZ Host: 192.168.1.2

Port Forwarding: HTTPS [TCP 443] -> 192.168.1.2

WAN1

LAN

192.168.1.50-54

WAN2

LAN

LAN192.168.1.100-110

RVL200

Device Under Test (DUT)

LAN IP: 192.168.1.2

DHCP Server: Disabled

After an SSL VPN client establishes its connection, the client can access the existing computers (192.168.1.100-

110)or the servers (192.168.1.50-54) on the RV082 LAN

side.

RVL200 LAN to RV082 LAN

To connect the RVL200 LAN to the RV082 LAN:

1.Physically connect a numbered port (Ethernet 1-4) on the RVL200 to a LAN port on the RV082.

2.Access the web-based utility of the RVL200. (Refer to “Chapter 4: Advanced Configuration” for details.)

3.Click the DHCP tab.

4-Port SSL/IPSec VPN Router

80

Image 88

Contents Port SSL/IPSec VPN Router About This Guide About This GuideTable of Contents Ddns IPSec VPN Gateway to Gateway Appendix D Active Directory Server Appendix C Bandwidth ManagementAppendix E User for the Active Directory Server Appendix J IPSec NAT Traversal Appendix I Gateway-to-Gateway VPN TunnelAppendix L Multiple VLANs with Computers Appendix O Firmware Upgrade Appendix P Battery ReplacementAppendix Q Specifications Appendix M Multiple VLANs and SubnetsChapter Chapter IntroductionIntroduction Introduction to the RouterComputer using SSL VPN client software to VPN Router Chapter Product Overview Product OverviewFront Panel Back PanelInstallation Chapter InstallationPhysical Installation Cable Connection Chapter Advanced Configuration Advanced ConfigurationOverview Before You BeginHow to Access the Web-Based Utility Click Security Select Use SSL 2.0 and Use SSLSystem Summary System InformationNetwork Setting Status Firewall Setting StatusIPSec VPN Setting Status SSL VPN Setting StatusSetup Tab Network LAN SettingNetwork WAN Connection TypeStatic IP PPPoE Point-to-Point Protocol over EthernetSetup Password Pptp Point-to-Point Tunneling ProtocolSetup Time Setup DMZ HostPassword TimeSetup Tab Forwarding ForwardingPort Range Forwarding Port TriggeringSetup UPnP UPnPSetup MAC Clone Setup One-to-One NATOne-to-One NAT Setup Ddns Setup Advanced RoutingMAC Clone Advanced RoutingDhcp Setup Static RoutingDynamic IP SetupStatic IP Dhcp Status StatusDhcp Multiple VLANs Multiple VLANsSystem Management Diagnostic DiagnosticDhcp Inter-VLAN Routing Inter-VLAN RoutingFactory Default Firmware UpgradeSystem Management Restart Firmware DownloadImport Configuration File Export Configuration FileSystem Management Port Mirroring RestartPort Management Port Setup Basic Per Port ConfigPort Management Port Status Port StatusPort Management Port Setting Port SettingPort Management Create Vlan Create VlanVlan Membership QoS Bandwidth ManagementBandwidth Management Rate Control PriorityQoS QoS Setup QoS SetupQoS Mode Trust Mode Default CoSQoS Queue Settings QoS Dscp SettingsQueue Settings CoS SettingsDscp Settings Firewall GeneralGeneral Dscp to QueueAccess Rules Firewall Access RulesRestrict WEB Features Add a New Access Rule ServicesFirewall Content Filter Content FilterScheduling IP/MAC GroupIPSec VPN Summary Forbidden DomainsWebsite Blocking by Keywords IP AddressLocal Group Setup IPSec VPN Gateway to GatewaySummary Add a New TunnelLocal Security Group Type Remote Group SetupRemote Security Gateway Type Remote Security Group Type IPSec Setup IKE with Preshared KeyAdvanced IPSec VPN VPN Pass Through SSL VPN SummarySSL VPN Certificate Management VPN Pass ThroughAuthentication Type SSL VPN User ManagementUser Management Edit GroupSSL VPN Virtual Passage Edit UserVirtual Passage Snmp Global ParametersGlobal Parameters Snmp Views Snmp Group ProfileViews Group ProfileSnmp Group Membership Snmp CommunitiesGroup Membership CommunitiesSnmp Notification Recipient Notification RecipientLog System Log System LogLog Setting Log System StatisticsAlert Log General LogBasic Setup WizardObtain an IP automatically PPPoEAccess Rule Setup Select the Service Support LogoutManual Linksys Web SiteLogout Troubleshooting Appendix a TroubleshootingAppendix a Appendix B Virtual Passage SSL VPN Client Appendix BBefore You Begin Windows OS Make the SSL VPN Portal a Trusted Site Windows OS Click Trusted sitesInstallation of the Virtual Passage Client Windows OS Login for the SSL VPN Portal Windows OSWhen you right-click the icon, you have three options Click Continue AnywayLogin for the SSL VPN Portal Mac OS Installation of the Virtual Passage Client Mac OSWindows Vista Usage Removal of the Virtual Passage Client Mac OS Click ContinueLogin for the SSL VPN Portal Linux OS Installation of the Virtual Passage Client Linux OSBefore You Begin Linux OS Removal of the Virtual Passage Client Linux OS Creation of New Services Appendix CAppendix C Bandwidth Management Bandwidth ManagementClick Save Settings Creation of New Bandwidth Management RulesAppendix D Active Directory Server Appendix DActive Directory Server Select Domain in a new forest, and then click Next Enter a domain name, and then click Next Active Directory Server Troubleshooting Appendix E Appendix E User for the Active Directory ServerUser for the Active Directory Server Appendix F Internet Authentication Service IAS Server Appendix FInternet Authentication Service IAS Server Select Unencrypted authentication. Click Apply Click Finish Welcome to the New Connection Request Policy Wizard Click Edit Profile Appendix G Click the User Management tabSelect HTTPSTCP/443~443 from the Service drop- down menu Appendix HAppendix H Deployment in an Existing Network LAN-to-LAN ConnectionWAN-to-LAN Connection Configuration of the RVL200 AppendixAppendix Gateway-to-Gateway VPN Tunnel Click the Gateway to Gateway tabConfiguration of the RV082 Configuration of PC 1 and PCRV082 RVL200 Dynamic IP B.B.B.B with Configuration when Both Gateways Use Dynamic IP Addresses Appendix Configuration of Scenario Configuration of Router aAppendix J Appendix J IPSec NAT TraversalConfiguration of Router B IPSec NAT TraversalOne-to-One NAT Rule on NAT 2 RV042 One-to-One NAT Rule on NAT 1 RV042Configuration of Router a Configuration of Multiple RVL200-to-RV042 ConfigurationAppendix K Appendix KClick Save Setting RV042 #1 ConfigurationClick the Advanced Routing tab RV042 #2 Configuration RVL200-to-SRW2048 Configuration Appendix LAppendix L Multiple VLANs with Computers Click the Port Management tabSelect Enable Vlan SRW2048 ConfigurationClick Save Settings Click the Vlan Membership tab RVL200 Configuration Appendix MAppendix M Multiple VLANsInter-VLAN Routing Option Click the Inter-VLAN Routing tabAccess of Multiple VLANs Appendix NAppendix N Over a SSL VPN TunnelFirmware Upgrade Appendix O Firmware UpgradeAppendix O Upgrade the Firmware Click the Firmware Upgrade tabAppendix P Battery Replacement Battery ReplacementReplace the Lithium Battery Appendix PSpecifications Appendix Q SpecificationsAppendix Q Limited Warranty Warranty InformationAppendix R Appendix S Regulatory InformationDansk Danish Miljøinformation for kunder i EU Port SSL/IPSec VPN Router 106 Norsk Norwegian Miljøinformasjon for kunder i EU Port SSL/IPSec VPN Router 108 Appendix T Contact Information