Appendix D

IPSec NAT Traversal

Configuration of Scenario 2

In this scenario, Router B is the RVL200 Initiator, while Router A is the RVL200 Responder. Router B will have the Remote Security Gateway IP address set to a public IP address that is associated with the WAN IP address of Router A, which is behind the NAT. Hence the public IP address (192.168.99.1) must be mapped to the WAN IP address (192.168.11.101, a private IP address) of Router A through the two one-to-one NAT rules:

• 192.168.99.1 => 192.168.111.11 (on NAT 2)

• 192.168.111.11 => 192.168.11.101 (on NAT 1)

[Figure: Traffic in Scenario 2. Diagram labels: Router B - RVL200 (Initiator), LAN: 192.168.2.0/24, host 192.168.2.100; NAT 2 - RV042, LAN: 192.168.111.1; NAT 1 - RV042, WAN: 192.168.111.101, LAN: 192.168.11.1; Router A - RVL200 (Responder), WAN: 192.168.11.101, LAN: 192.168.1.0/24, host 192.168.1.101; WAN: 192.168.99.11 and WAN: 192.168.99.22.]

NOTE: Both the IPSec initiator and responder must support the mechanism for detecting the NAT router in the path and changing to a new port, as defined in RFC 3947.
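The detection mechanism this note refers to can be traced with the addresses of this scenario. The following Python sketch is an added example, not code from the manual or from the router firmware: it applies the two one-to-one NAT rules to the destination of Router B's IKE packet, then compares RFC 3947 NAT-D hashes as the responder would. The cookie values and the choice of SHA-1 as the negotiated hash are constructed assumptions.

```python
import hashlib
import ipaddress
import struct

# One-to-one NAT rules from the text, in path order (NAT 2 first, then NAT 1).
NAT_RULES = [
    ("NAT 2", "192.168.99.1", "192.168.111.11"),
    ("NAT 1", "192.168.111.11", "192.168.11.101"),
]

# Constructed sample IKE cookies (8 bytes each); real values are random per exchange.
CKY_I = bytes.fromhex("0011223344556677")
CKY_R = bytes.fromhex("8899aabbccddeeff")


def translate_destination(dst):
    """Return the destination address after every matching one-to-one rule."""
    for _name, public, private in NAT_RULES:
        if dst == public:
            dst = private
    return dst


def nat_d_hash(cky_i, cky_r, ip, port, hash_name="sha1"):
    """RFC 3947 NAT-D payload body: HASH(CKY-I | CKY-R | IP | Port)."""
    data = cky_i + cky_r + ipaddress.ip_address(ip).packed + struct.pack("!H", port)
    return hashlib.new(hash_name, data).digest()


def responder_detects_nat(sent_dst, local_ip, port=500):
    """Compare the initiator's destination NAT-D with a hash of the responder's own address."""
    received = nat_d_hash(CKY_I, CKY_R, sent_dst, port)   # computed by Router B
    expected = nat_d_hash(CKY_I, CKY_R, local_ip, port)   # computed by Router A
    return received != expected


def ike_port_after_detection(nat_detected):
    """RFC 3947: the peers move from UDP 500 to UDP 4500 once a NAT is detected."""
    return 4500 if nat_detected else 500


if __name__ == "__main__":
    remote_gateway = "192.168.99.1"                 # configured on Router B
    router_a_wan = translate_destination(remote_gateway)
    detected = responder_detects_nat(remote_gateway, router_a_wan)
    print(f"{remote_gateway} arrives at {router_a_wan}; NAT detected: {detected}; "
          f"IKE continues on UDP {ike_port_after_detection(detected)}")
```

Because Router B hashes 192.168.99.1 while Router A hashes its own 192.168.11.101, the hashes differ and both peers learn that a NAT sits in front of the responder.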

Configuration of the One-to-One NAT Rules

The one-to-one NAT rules must be configured on NAT 2 - RV042 and NAT 1 - RV042.

One-to-One NAT Rule on NAT 2 - RV042

192.168.99.1 => 192.168.111.11

Follow these instructions for the one-to-one NAT rule on NAT 2 - RV042.

1. Launch the web browser on a networked computer.

2. Access the web-based utility of NAT 2 - RV042. (Refer to “Chapter 4: Advanced Configuration” for details.)

3. Click the Setup tab.

4. Click the One-to-One NAT tab.

5. For the One-to-One NAT setting, select Enable.

[Screenshot: Setup > One-to-One NAT]

6. In the Private Range Begin field, enter 99.1.

7. In the Public Range Begin field, enter 111.11.

8. In the Range Length field, enter an appropriate value. The range length cannot exceed the number of valid IP addresses. To map a single address, enter 1.

9. Click Add to List.

10. Click Save Settings.

Refer to “Chapter 4: Advanced Configuration” for more details about one-to-one NAT rules.

One-to-One NAT Rule on NAT 1 - RV042

192.168.111.11 => 192.168.11.101

Follow these instructions for the one-to-one NAT rule on NAT 1 - RV042.

1. Launch the web browser on a networked computer.

2. Access the web-based utility of NAT 1 - RV042. (Refer to “Chapter 4: Advanced Configuration” for details.)

3. Click the Setup tab.

10/100 4-Port VPN Router


RV042 specifications

The Linksys RV042 is a robust and versatile VPN router designed for small to medium-sized businesses, offering a wide array of features that cater to networking demands. Boasting dual WAN ports, the RV042 allows users to have two internet connections, providing load balancing and failover capabilities. This means that the router can automatically switch to a secondary Internet connection if the primary fails, ensuring uninterrupted connectivity crucial for business operations.

A key feature of the RV042 is its support for Virtual Private Networking (VPN). It can accommodate up to 50 VPN tunnels simultaneously, enabling secure remote access for employees who need to connect to the office network from various locations. The router supports both PPTP and L2TP/IPsec protocols, which provide a layer of encryption, ensuring that data remains secure while transmitted over public networks.

In terms of connectivity, the Linksys RV042 is equipped with four Ethernet ports, supporting speeds of up to 1 Gbps through its LAN (Local Area Network) connections. This allows for high-speed data transfer within the office premises, making it suitable for bandwidth-intensive applications such as video conferencing and large file transfers. Additionally, the router features an integrated firewall, which helps protect the network from external threats by filtering incoming and outgoing traffic.

The RV042 also excels in its Quality of Service (QoS) capabilities, which enable users to prioritize traffic for more critical applications. This is particularly beneficial in environments where multiple applications rely on the same bandwidth, allowing businesses to maintain optimal performance for essential tasks.

For businesses looking to manage their network more effectively, the RV042 offers a web-based interface that simplifies configuration and monitoring. The user-friendly dashboard allows administrators to track network usage, configure access controls, and set up security measures easily.

Overall, the Linksys RV042 VPN router stands out for its reliability, security features, dual WAN support, and ease of management. It is an excellent choice for organizations that require a secure, stable, and high-performance networking solution, enabling seamless connectivity and productivity in an increasingly digital business landscape.