Chapter 2: Accessing the MergePoint 5224/5240 Appliance and Target Devices 27
Creating a VPN TunnelThe authorized user creates a VPN tunnel using either IPSec or PPTP. A user authorized for native
IP can access native IP functionality through the Web Manager or through using ssh management
commands after creating a tunnel using either IPSec or PPTP.
Figure 2.2 shows an illustration of a single user’s workstation running IPSec on the right end and
the MergePoint 5224/5240 SP manager on the left end, with a router and the Internet between the
MergePoint 5224/5240 SP manager and the user’s workstation.
Figure 2.2: MergePoint 5224/5240 Appliance VPN Example Using IPSec
Typically, the user configures a named VPN connection profile (or shortcut) on the user’s
workstation, using either IPSec or PPTP. The name on the user’s end for a preconfigured VPN
connection profile might be the name of the MergePoint 5224/5240 SP manager. The name on the
MergePoint 5224/5240 SP manager end for a VPN connection profile might simply be the name
and location of the user.
NOTE: Most systems, including the MergePoint 5224/5240 SP manager, refer to configuring a VPN connection,
but until the connection is actually made, what is informally called a VPN connection is actually a named
connection profile or connection shortcut, which stores the information the computer needs in order to establish
the connection.
The prerequisites for creating a VPN connection are shown in the following list:
• The user on the remote workstation and the MergePoint 5224/5240 SP manager administrator
have configured VPN connection profiles from both sides to support the VPN connection. See
Creating a VPN Tunnel on page 27 for more details.
• The user has created a VPN tunnel between the user’s workstation and the MergePoint 5224/
5240 SP manager.
• The user has logged into the MergePoint 5224/5240 SP manager, either through the Web
Manager or through the command line and has been authenticated.
Workstation
and IPSec Gateway
Internet
Router