Setting up the network
82 Avaya VPNmanager Configuration Guide Release 3.7
The Network/Mask Pairs for this Hop list indicates the static route destination address. You can
build a static route table with up to 32 network address/mask pairs. This limit allows for any
combination ranging from a single router with 32 network address/mask pairs to 32 routers with
a single address/mask pair each.
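As an added example (not part of the Avaya guide), the following pre-check validates a planned static route table before it is typed into the wizard: it enforces the 32-pair total described above and rejects masks or network addresses that do not form a valid route destination. The addresses in `SAMPLE_PLAN` and the function names are constructed for illustration.

```python
import ipaddress

MAX_PAIRS = 32  # total network address/mask pairs allowed, per the guide

# Constructed sample plan: next-hop router -> (network, mask) pairs behind it.
SAMPLE_PLAN = {
    "10.1.1.254": [("10.2.0.0", "255.255.0.0"), ("10.3.4.0", "255.255.255.0")],
    "10.1.1.253": [("192.168.10.0", "255.255.255.0")],
}

def mask_prefix(mask):
    """Convert a dotted mask to a prefix length; reject non-contiguous masks."""
    inverted = int(ipaddress.IPv4Address(mask)) ^ 0xFFFFFFFF
    if inverted & (inverted + 1):  # a valid inverted mask is 2**k - 1
        raise ValueError(f"mask {mask} is not a contiguous subnet mask")
    return 32 - inverted.bit_length()

def check_plan(plan, max_pairs=MAX_PAIRS):
    """Return a list of problems found in a planned static route table."""
    problems, owner, total = [], {}, 0
    for hop, pairs in plan.items():
        try:
            ipaddress.IPv4Address(hop)
        except ValueError:
            problems.append(f"next hop {hop!r} is not an IPv4 address")
        for network, mask in pairs:
            total += 1
            try:
                # strict=True rejects a network address with host bits set
                net = ipaddress.IPv4Network((network, mask_prefix(mask)), strict=True)
            except ValueError as exc:
                problems.append(f"{hop}: {network} / {mask}: {exc}")
                continue
            if owner.setdefault(net, hop) != hop:
                problems.append(f"{net} is listed under both {owner[net]} and {hop}")
    if total > max_pairs:
        problems.append(f"{total} pairs exceed the limit of {max_pairs}")
    return problems

if __name__ == "__main__":
    for line in check_plan(SAMPLE_PLAN) or ["plan is consistent"]:
        print(line)
```

The pair count is taken across all next-hop routers together, so one router with 32 pairs and 32 routers with one pair each both pass, while a 33rd pair anywhere is reported.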
To build a routing table using the default gateway:
1. From the Configuration Console Contents column, select the security gateway you want to
configure.
2. Click the Routing tab to bring it to the front.
3. In the Default Gateway area, select the Enable box to enable the default gateway.
4. Enter the IP Address for the default gateway.
5. In the Use This Gateway For area, select one of the following:
   - Decrypted Traffic
   - Non-VPN Traffic
6. Select the Enable VPN Traffic Auto Forwarding box to disable traffic auto forwarding.
If an SG receives a VPN packet that is not destined for the protected network, the SG will
automatically forward this packet to the configured remote TEP. By default, the Enable VPN
Traffic Auto Forwarding box is selected, or checked.
To disable the automatic forwarding of packets, the Enable VPN Traffic Auto Forwarding
box should be un-checked.
When the VPN traffic auto forwarding is disabled, the SG will divert the packets to the
private interface. By redirecting the packets to the private interface, the packets can be
monitored by Intrusion Detection Systems software before sending the packets to the
remote TEP on the private network.
Before disabling VPN traffic auto forwarding, confirm that a VTDR or static route is
configured on the private interface. If a VTDR is not configured on the private interface, the
redirected packet will not be sent back to the SG to be forwarded to the remote TEP.
7. In the Static Routes area, click Add to start the Static Route Configuration Wizard.
Note: Configure Static Route for security gateways VPNos 4.4 and below.
8. In the IP Address of Next Hop field, type in the address of the next router that leads to your
other LANs.
9. Click Add to List to put the router’s address into the IP Address of Next Hop list box.
10. Click Next to move to the Add Network/Mask Ranges for this Next Hop Address options.
11. In the Network field, type in the network address for the LAN that is beyond the next hop
router.
12. In the Mask text boxes, type in the subnet mask for the network address.