Motorola Enterprise Series Routers, 6161252-00-01 manual Multiple Network IPsec

Internet Key Exchange for VPNs 6-17

Multiple Network IPsec

Motorola Netopia® Embedded Software Version 8.7.4 offers an enhancement to IPsec VPN tunnels allowing multiple network support. This feature enhances your Motorola Netopia® Router’s Virtual Private Networking functionality.

This feature allows you to define many local and remote network ranges for a given IPsec VPN profile. Each of these ranges has its own IPsec tunnel. However, each tunnel has a common tunneling endpoint and encryption policy. This is useful, for example, for branch office management of multiple IP subnets over an encrypted VPN tunnel. The following diagram illustrates this feature:

Advantages of Multiple Network IPsec are:

•scalability

•flexibility, by adding any combination of remote/local network ranges

•support for sub-netting, host and network range addressing modes

•works with manual keying and Internet Key Exchange (IKE), including Xauth IKE extension (see page 6-5).

•each IPsec network works under the same local/remote tunnel endpoints

•beginning with Software Version 8.7.4, you can specify more than one force-all tunnel in a single pro- file.

•Select Add Network and press Return. The Add Network Configuration screen appears.