3Com 3CR856-95 L2TP over IPSec Connections

59

Gateway Two is located at the sales office and is configured with

the following settings:

■Internet IP address: 174.27.34.202

■LAN IP address: 192.168.2.1

■Remote Subnet Mask: 255.255.255.0

To set up an IPSec Connection between the two Gateways, do

the following on each Gateway:

1Select IPSec Enabled from the VPN Mode screen.

2Switch to the VPN Connections screen and click New.

3In the Connection Name field enter: headsales

4In the Description field enter: Connection between head office

and sales office.

5Ensure that the Gateway to gateway radio button is selected.

6Enter the Internet IP address of the Gateway you are configuring

in the This Gateway’s ID field.

aEnter 174.19.201.162 on Gateway One.

bEnter 172.27.34.202 on Gateway Two.

7Enter the Internet IP address of the other Gateway in the Remote

IPSec Server Address field.

aEnter 174.27.34.202 on Gateway One.

bEnter 172.19.201.162 on Gateway Two.

8Enter the IP address of the other LAN subnet in the Remote

Network address field.

aEnter 192.168.2.0 on Gateway One.

bEnter 192.168.1.0 on Gateway Two.

9The Remote Subnet Mask is a default setting of 255.255.255.0.

10 Enter a password in the Tunnel Shared Key field in both

Gateways. The example uses TYP0249//23b as the shared key.

11 Choose DES as the Encryption Type.

12 Choose SHA-1 as the Hash Algorithm.

13 Choose Diffie-Hellman Group 1 (768 bit) the in the Exchange

keys using drop-down box.

14 Ensure that the Use Perfect Forward Secrecy box is checked

15 Click Apply to save your changes or Close to return without

saving.

L2TP over IPSec Connections

If you have selected L2TP over IPSec as your Tunnel Type, enter

the following values. See Figure 55:

■Password — The password that will need to be supplied to

connect.

Figure 55 L2TP over IPSec Connections

dua08569-5aaa02.boo k Pag e 59 Thursday, Novem ber 7, 2002 3:09 PM

Contents

Main 3Com Corporation 5400 Bayfront Plaza Santa Clara, California 95052-8145 C Page Page Page ABOUT THIS GUIDE Naming Convention Conventions Icon Notice Type Description Convention Description Feedback about this User Guide Convention Description Related Documentation Product Registration INTRODUCING THE OFFICECONNECT CABLE/DSL SECURE GATEWAY OfficeConnect Cable/DSL Secure Gateway Cable/DSL Secure Gateway Advantages Package Contents Minimum System and Component Requirements Front Panel 1 Alert LED (Orange) Off Flashing quickly Flashing slowly (Two seconds on, two seconds off) On for 2 seconds, and then off Rear Panel 5 Power Adapter socket 6 Ethernet Cable/DSL port 7 Four 10/100 LAN ports Page INSTALLING THE GATEWAY Introduction Positioning the Gateway Safety Information Using the Rubber Feet PPPoE PPTP DHCP Static Powering Up the Gateway Connecting the Cable/DSL Secure Gateway Page SETTING UP YOUR COMPUTERS Obtaining an IP Address Automatically Windows 2000, XP Windows 95, 98, ME Macintosh OS 8.5, 9.x Disabling PPPoE and PPTP Client Software Disabling Web Proxy Page RUNNING THE SETUP WIZARD Accessing the Wizard Setting the Password Setting the Time Zone Auto-Configuration Settings Internet Settings Static IP Mode Dynamic IP Address Mode PPPoE Mode PPTP Mode Choosing your LAN Settings Activating DHCP Viewing the Summary Page GATEWAY CONFIGURATION Navigating Through the Gateway Configuration Pages Main Menu Option Tabs Getting Help Welcome Screen Viewing the Notice Board Changing the Administration Password Setup Wizard LAN Settings LAN IP Settings Changing the LAN Settings Changing the DHCP Server Settings DHCP Clients List Internet Settings Connection to ISP Configuring a Static IP Address Configuring a Dynamic IP Address Configuring a PPPoE connection Configuring a PPTP connection Setting up NAT Page Setting up One-to-One NAT Configuring the Firewall The Virtual Servers Menu Creating a Virtual DMZ Creating a Virtual Server PC Privileges To use access control for all computers: To assign different access rights for different computers: Example: Special Applications Adding and Editing Special Applications Creating Custom Special Applications Page Advanced Configuring VPNs Setting the VPN Mode IPSec Configuration L2TP Configuration PPTP Configuration Viewing VPN Connections Adding and Editing VPN Connections I IPSec Connections using Gateway to Gateway Example: L2TP over IPSec Connections PPTP Connections Editing IPSec Routes Accessing the System Tools Restart Time Zone Loading and Saving the Gateway Configuration Upgrading the Firmware of your Gateway Viewing Status and Logs Page Page T Basic Connection Checks Browsing to the Gateway Configuration Screens Connecting to the Internet Forgotten Password Alert LED Recovering from Corrupted Software Frequently Asked Questions USING DISCOVERY Running the Discovery Application Windows Installation (95/98/2000/Me/NT) Page IP A The Internet Protocol Suite IP Addresses and Subnet Masks Type One Device IP Address Subnet Mask How does a Device Obtain an IP Address and Subnet Mask? DHCP Addressing Static Addressing Device IP Address Subnet Mask Auto-IP Addressing Private IP Addresses Page T Interfaces Operating Temperature Power Humidity System Requirements Operating Systems Ethernet Performance Cable Specifications SAFETY INFORMATION Important Safety Information Wichtige Sicherheitshinweise Consignes importantes de scurit Page Page END USER SOFTWARE LICENCE AGREEMENT 3Com Corporation END USER SOFTWARE LICENSE AGREEMENT Page ISP I Information Regarding Popular ISPs Internet Connection Typ es Characteristics Popular ISPs Internet Connection Typ es Page G 10BASE-T 100BASE-TX 3DES Auto-negotiation Page IETF IP IP Address IPSec ISP Page Page Page I Numbers A B C E F G H I L M N O P R S T U V W Page REGULATORY NOTICES FCC Statement VCCI Statement Information to the User CE Statement (Europe)