Instant Broadband® Series

Local Secure Group and Remote Secure Group

The Local Secure Group is the computer(s) on your LAN that can access the tunnel. The Remote Secure Group is the computer (s) on the remote end of the tunnel that can access the tunnel. Under Local Secure Group and Remote Secure Group, you may choose one of three options: Subnet, IP Address, and IP Range. Under Remote Secure Group, you have two additional options: Host and Any.

Note: The IP Addresses and Subnet Mask values used here are for example only. Do not try to use them for your actual setup. Obtain the relevant information from your own network to accurately config- ure your Firewall Router.

Subnet - If you select Subnet (which is the default), this will allow all computers on the local subnet to access the tunnel. In the example shown in Figure 7-12, all Local Secure Group computers with IP Addresses 192.168.1.xxx will be able to access the tunnel. All Remote Secure Group computers with IP Addresses 192.168.2.xxx will be able to access the tun- nel (in your settings, use the IP Addresses appropriate for your VPN). When using the Subnet setting, the default values of 0 should remain in the last fields of the IP and Mask settings.

Figure 7-12

Note: It is possible to set up your Firewall Router using any combi- nation of the three settings under Local Secure Group and the five set- tings under Remote Secure Group. For instance, when Subnet is cho- sen on the local end of the tunnel, Subnet does not have to be chosen at the remote end. So a single IP Address could be chosen to access the tunnel on the local end and a range of IP Addresses could be set at the remote end of the tunnel.

EtherFast® Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint

IP Address - If you select IP Address, only the computer with the spe- cific IP Address that you enter will be able to access the tunnel. In the example shown in Figure 7-13, only the computer with IP Address 192.168.1.10 can access the tunnel from this end. Only the computer with IP Address 192.168.2.12 can access the tunnel from the remote end (in your settings, use the IP Addresses appropriate for your VPN).

Figure 7-13

IP Range - If you select IP Range, it will be a combination of Subnet and IP Address. You can specify a range of IP Addresses within the Subnet which will have access to the tunnel. In the example shown in Figure 7- 14, all computers on this end of the tunnel with IP Addresses between 192.168.1.1 and 192.168.1.20 can access the tunnel from the local end. Only computers assigned an IP Address between 192.168.2.1 and 192.168.2.100 can access the tunnel from the remote end (in your set- tings, use the IP Ranges appropriate for your VPN).

Figure 7-14

40

41

Page 23 Page 25
Page 24
Image 24
Linksys BEFSX41 manual Local Secure Group and Remote Secure Group
Page 23 Page 25
Top Page Image Contents