RuggedRouter™ User Guide

You must configure the firewall to accept connections on these ports and protocols. See the Configuring The Firewall chapter, Configuring The Firewall And VPN section for details.

The Openswan Configuration Process

Each VPN connection has two ends: one in the local router and one in the remote router. The Openswan developers designed the configuration so that the record describing a VPN connection can be used without change at either end. One side of the connection (typically the local side) is designated the “left” side and the other is designated the “right” side.

A convenient method is to configure both ends simultaneously with two browser windows open, cutting and pasting the relevant information from one window to the other.

This module also includes tools to export and import the connection data. The configuration can thus be generated at one router, exported, and imported at the remote router.
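
Because the same record is meant to be used unchanged at both ends, a useful check after configuring or importing is that the two routers really hold identical records. The following is an added example, not part of this guide or of Openswan. It assumes each router's record is available as ipsec.conf-style text with literal addresses for left and right; the function names, connection name, addresses and key placeholders are constructed for illustration.

```python
# Added example: compare the connection record held by two routers.
# All names, addresses and keys below are constructed sample values.

def parse_conn(text, name):
    """Return the key=value settings of 'conn <name>' from ipsec.conf-style text."""
    settings, inside = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments and trailing space
        if not line.strip():
            continue
        if not line[0].isspace():              # a section header starts at column 0
            inside = line.split() == ["conn", name]
        elif inside and "=" in line:
            key, value = line.strip().split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def differing_keys(a, b):
    """Keys whose values differ (or are missing) between the two records."""
    return sorted(k for k in a.keys() | b.keys() if a.get(k) != b.get(k))

def local_side(conn, local_addresses):
    """Which end of the record this router is, judged by its own addresses."""
    sides = [s for s in ("left", "right") if conn.get(s) in local_addresses]
    return sides[0] if len(sides) == 1 else None   # None: neither or both matched

SITE_A = """\
conn site-a-to-site-b
    left=192.0.2.1            # constructed: router A public address
    leftsubnet=10.1.0.0/16
    leftrsasigkey=0sAQ_PLACEHOLDER_A
    right=198.51.100.1        # constructed: router B public address
    rightsubnet=10.2.0.0/16
    rightrsasigkey=0sAQ_PLACEHOLDER_B
    authby=rsasig
    auto=start
"""
# Router B holds the same record except for one mistyped subnet.
SITE_B = SITE_A.replace("rightsubnet=10.2.0.0/16", "rightsubnet=10.2.0.0/24")

if __name__ == "__main__":
    a = parse_conn(SITE_A, "site-a-to-site-b")
    b = parse_conn(SITE_B, "site-a-to-site-b")
    print("mismatched keys:", differing_keys(a, b))
    print("router A is:", local_side(a, {"192.0.2.1", "10.1.0.1"}))
    print("router B is:", local_side(b, {"198.51.100.1", "10.2.0.1"}))
```

A non-empty mismatch list, or a router that matches neither or both ends, means the record was altered between the two routers and should be re-exported rather than patched by hand.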

IPsec and Router Interfaces

The IPsec daemon requires router interfaces to exist before it starts. If none of the interfaces needed by IPsec exist, IPsec will check for them every minute until at least one does.

Note that in the unlikely event that IPsec uses multiple network interfaces, stopping any one of those interfaces will cause all tunnels to stop.

IPsec may have to be manually restarted after configuring network interfaces when multiple tunnels exist.

VPN Main Menu Before Key Generation

Figure 104: IPsec VPN Configuration Menu Before Key Generation

Upon the first entry to this menu you will be prompted to generate a VPN host key. Key generation will require about 30 seconds to complete, after which the menu appearance will change.

VPN Main Menu

The new menu appearance will resemble that of the following menu with the exception that you will be warned that VPN networking is not enabled. Enable VPN networking via the System folder, Bootup And Shutdown menu.

Figure 105: IPsec VPN Configuration Menu After Key Generation


RuggedCom

RuggedCom RX1000, RX1100 VPN Main Menu Before Key Generation, Openswan Configuration Process, IPsec and Router Interfaces