PC A | Internet | VR2004 | |
|
| ||
|
|
| |
|
|
|
|
| WAN IP: 172.16.0.123 | WAN IP: 10.10.0.123 | |
| Netmask: 255.255.255.0 | Netmask: 255.255.255.0 | |
| Virtual LAN IP: 192.168.123.0 | LAN IP: 192.168.100.254 | |
Mode 2
•Remote IP Network: 192.168.123.0
•Remote Netmask: 255.255.255.0
•Remote Gateway IP: 172.16.0.123
•Network Interface: The interface on the router used to communicate with the remote network. Most users should leave this set to WAN ETHERNET
•Local IPSEC Identifier: Allows you to identify multiple tun- nels and does not have to match the name used at the other end of the tunnel. The default value is Local.
•Remote IPSEC Identifier: Allows you to identify multiple tunnels and does not have to match the name used at the other end of the tunnel. The default value is Remote.
Note: If you do not know the Remote Gateway IP of the remote client, you can enter 0.0.0.0. However, the VPN connection request must then be initiated by the client. If you select Manual Mode, you must enter the Remote Gateway IP address.
4.3IPSec Keying (IKE Mode)
A VPN tunnel is formed of two separate Secure Associations, or SAs. One SA is used for traffic in each direction, and the router will keep track of both SAs for you. Since the router is going to be en- crypting the packets that are sent across an unsecured network (the Internet), it needs a way to share a key so that each router can de- crypt the data it receives.
User’s Manual | 45 |
|