Chapter 3

Configuration via Local Pages

Local LAN IP Range

In this field you configure the local access policy. In other words, you define which IP range of local terminals has access to the VPN. You can specify a single IP address, a subnet, or a range.

Local LAN IP range examples:

a single IP address              10.0.0.15
a single IP subnet               10.0.0.0/24
a contiguous IP address range    10.0.0.5-10.0.0.56
                                 10.0.0.[5-56]

 

 

 

Set of Server Vendor specific parameters

When the Preshared Key method was selected as the IKE Authentication method, some Server Vendor specific fields must be filled out for the Automatic Start mechanism.

For a generic VPN server:

You have to fill out your e-mail address. This e-mail address (User FQDN) is used as the local identity of the VPN client.

! When building a VPN with multiple SpeedTouch™ devices configured as VPN client at different locations, you must take care to configure a unique e-mail address in each VPN client. The e-mail address is used by the VPN server as an identifier to bind an IP address to the VPN client.

For a Cisco VPN server:

You have to fill out the Group ID. The value should correspond with the groupname, as configured on the Cisco VPN server with the command:

crypto isakmp client configuration group groupname

For a Nortel VPN server:

! Interworking with a Nortel VPN server is possible only when IKE Authentication is done via Certificates. Pre-shared key authentication cannot be used on an IPSec connection between a SpeedTouch™ VPN client and a Nortel VPN server.

Configuring XAuth

Optionally, you can use the Extended Authentication protocol in combination with the Automatic Start mechanism. Simply fill out a Username and Password in the optional fields, and XAuth is used when the connection is established. The Username and Password in this case act as a group key for all local terminals authorized to use the VPN connection.


E-DOC-CTC-20051017-0169 v0.1

 
