Compatible Systems 5.4 manual IP Routing/IP Bridging/IP Off, Numbered Interface

Once you have created a VPN port, you may access the TCP/IP Routing: VPN Configuration Dialog Box by clicking TCP/IP Routing under the VPN port’s icon.

A VPN port is a virtual port which handles tunneled traffic. Tunnels are virtual point-to-point connections through a public network such as the Internet. All packets sent through a VPN tunnel are IP-encapsulated packets, including AppleTalk, IPX and even IP packets. This encapsulation is added or removed, depending on the direction, by “Tunnel Partner” routers. Once a packet reaches the remote Tunnel Partner, the TCP/IP encapsulation is stripped off, leaving the original protocol. The unencapsulated packet is then handled according to the VPN port’s protocol configuration settings. Networks connected via a tunnel will communicate as if they are on the same network, even though they are separated by the Internet.

ϖNote: Remember that you must set up both ends of every tunnel. Therefore, you must repeat this setup with the remote router.

>IP Routing/IP Bridging/IP Off

This set of radio buttons controls how IP packets are handled for this inter- face.

• If set to IP Routing, then IP packets received on this interface are routed to the correct interface on the device.

• If set to IP Bridging, then any IP packets received on this interface are forwarded to the device’s internal bridge. This setting makes this VPN port a member of the “IP Bridge Group” for this device.

ϖNote: The IP Bridging radio button will be grayed out unless bridging has been turned on globally for the device using the Main Bridging Configuration Dialog Box (under Global/Bridging) and locally on this interface using the Bridging: VPN Dialog Box (under VPN/Bridging).

•If set to IP Off, then any IP packets received on this interface are discarded.

Numbered Interface

This check box determines whether the VPN port will have an IP network number associated with it.

VPN tunnels are essentially point-to-point links. These links do not generally require a network number because all traffic sent from one end is, by defini- tion, destined for the other end. However, you may wish to assign an address for network tracking purposes.