VPN

Secret/Remote Validation Criteria Button

Depending on the Authentication Method:

Shared Secret—Specify the text-based secret that is used to authenticate the IPsec tunnel (case sensitive). This applies to all VPN tunnels (IPsec and L2TP/IPsec).

X.509 Certificate—Specify the remote X.509 certificate validation criteria that must match for successful authentication (case sensitive). Note that all validation criteria must be configured to match the X.509 certificate. An asterisk (*) is valid as a wildcard.

See Shared Secret Field Description on page 225 for more information.

See Remote Validation Criteria Field Descriptions on page 226 for more information on the X.509 certificate validation criteria.

Local Device

When the VPN tunnel is established, one side of the tunnel is designated as Right and the other as Left. You are configuring the IOLAN-side of the VPN tunnel.

Data Options: Left, Right

Default: Left

Local IP Address

The IP address of the IOLAN. You can specify %defaultroute when the IP address of the IOLAN is not always known (for example, when it gets its IP address from DHCP). When %defaultroute is used, a default gateway must be configured in the route table (Network, Advanced, Route List tab).

Field Format: IPv4 address, IPv6 address, FQDN, %defaultroute

Local External IP Address

When NAT Traversal (NAT_T) is enabled, this is the IOLAN’s external IP address or FQDN. When the IOLAN is behind a NAT router, this will be its public IP address.

Field Format: IPv4 address, IPv6 address, FQDN

Local Next Hop

The IP address of the router/gateway that will forward data packets to the remote VPN (if required). The router/gateway must reside on the same subnet as the IOLAN. Leave this parameter blank if you want to use the Default Gateway configured in the IOLAN.

Field Format: IPv4 or IPv6 address

Local Host/Network Address

The IP address of a specific host, or the network address that the IOLAN will provide a VPN connection to.

Field Format: IPv4 or IPv6 address

Local IPv4 Subnet Mask

The subnet mask of the local IPv4 network. Keep the default value when you are configuring a host-to-host VPN connection.

Default: 255.255.255.255

Local IPv6 Prefix Bits

The prefix bits of the local IPv6 network. Keep the default value when you are configuring a host-to-host VPN connection.

Default: 0

Remote IP Address

The IP address or FQDN of the remote VPN peer. If you want to accept a VPN connection from any VPN peer, you can enter %any in this field.

Field Format: IPv4 address, IPv6 address, FQDN, %any

Remote External IP Address

When NAT Traversal (NAT_T) is enabled, this is the remote VPN’s public external IP address or FQDN.

Field Format: IPv4 address, IPv6 address, FQDN
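
The constraints stated in the field descriptions above can be checked before a tunnel is deployed. The following is an added example, not part of the User's Guide or of the IOLAN software; the dictionary keys, the check_tunnel function and the sample values are hypothetical, and the network-address check covers IPv4 only.

```python
import ipaddress

# Constructed sample; the keys are hypothetical names for the fields above,
# not IOLAN configuration syntax.
SAMPLE = {
    "local_ip": "%defaultroute", "default_gateway": "",
    "local_next_hop": "192.168.5.1",
    "local_host_network": "192.168.1.10", "local_ipv4_mask": "255.255.255.0",
    "remote_ip": "%any", "auth_method": "shared_secret",
}

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_tunnel(cfg, iolan_interface):
    """Return findings for one tunnel; iolan_interface is the IOLAN's own
    address with prefix length (an assumed input, e.g. '192.168.1.2/24')."""
    findings = []
    local_net = ipaddress.ip_interface(iolan_interface).network
    # %defaultroute depends on a default gateway in the route table.
    if cfg["local_ip"] == "%defaultroute" and not cfg.get("default_gateway"):
        findings.append("local_ip: %defaultroute set but no default gateway")
    # Local Next Hop may be blank; otherwise it must sit on the IOLAN's subnet.
    hop = cfg.get("local_next_hop", "")
    if hop and not _is_ip(hop):
        findings.append("local_next_hop: not an IPv4 or IPv6 address")
    elif hop and ipaddress.ip_address(hop) not in local_net:
        findings.append("local_next_hop: not on the IOLAN's subnet")
    # IPv4 only: a non-host mask requires a network address (no host bits set).
    host, mask = cfg["local_host_network"], cfg["local_ipv4_mask"]
    try:
        if ipaddress.ip_address(host).version == 4:
            ipaddress.ip_network(f"{host}/{mask}")
    except ValueError:
        findings.append("local_host_network: invalid, or host bits set for mask")
    # %any accepts any peer, so the authentication settings are the only gate.
    if cfg["remote_ip"] == "%any":
        criteria = cfg.get("x509_criteria", {})
        if cfg["auth_method"] == "shared_secret":
            findings.append("remote_ip: %any relies on the shared secret alone")
        elif all(v == "*" for v in criteria.values()):
            findings.append("remote_ip: %any with all-wildcard X.509 criteria")
    return findings

if __name__ == "__main__":
    print("\n".join(check_tunnel(SAMPLE, "192.168.1.2/24")))
```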

224

IOLAN SDS/SCS/STS User’s Guide, Version 3.6
